Symptoms
After creating a SharePoint group and adding "Everyone except external users" as the only entry, the customer gave the group Participate rights on a specific site collection so that all users in Active Directory could start workflows on form submission. However, no users are able to start workflows.
Diagnosis
Upon investigation, the "Everyone except external users" entry in that group is defined as "c:0-.f|rolemanager|spo-grid-all-users/sxxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx]" and does not explicitly reference AAD accounts. As a result, Appit has no accounts to resolve when it uses the group to assign permissions to specific AAD users, so no permissions are assigned.
Resolution
The SharePoint group will need to be set up with each member's AAD account explicitly added to the group so Design and/or Participate rights are assigned correctly.
If a group is needed with all members of an organization, it must be set up manually.
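To check an existing group for the condition described in the diagnosis, the following added example (not Appit or Microsoft code) classifies each member's login name and lists the entries that are not explicit user accounts. The claim prefix layout, the function names and the sample login names are assumptions constructed for illustration.

```python
import re

# Assumed layout of a SharePoint Online login name:
#   <i|c>:0<claim type><value type><issuer type>|<issuer>|<value>
LOGIN_RE = re.compile(
    r"^(?P<kind>[ic]):0(?P<ctype>.)(?P<vtype>.)(?P<itype>.)"
    r"\|(?P<issuer>[^|]+)\|(?P<value>.+)$"
)

def classify(login_name):
    """Return (label, claim value) for one group entry."""
    m = LOGIN_RE.match(login_name.strip())
    if m is None:
        return "unparsed", login_name
    issuer = m["issuer"].lower()
    if m["kind"] == "i" and issuer == "membership":
        return "explicit-user", m["value"]   # a single named account
    if issuer == "rolemanager":
        return "role-claim", m["value"]      # e.g. "Everyone except external users"
    return "other-claim", m["value"]         # directory group or another provider

def audit_group(login_names):
    """Split entries into explicit accounts and entries that need review."""
    report = {"explicit": [], "review": []}
    for name in login_names:
        label, value = classify(name)
        if label == "explicit-user":
            report["explicit"].append(value)
        else:
            # Only explicitly added accounts are confirmed to receive rights.
            report["review"].append((label, name))
    return report

# Constructed sample: login names as exported from a group's member list.
SAMPLE_MEMBERS = [
    "c:0-.f|rolemanager|spo-grid-all-users/00000000-0000-0000-0000-000000000000",
    "i:0#.f|membership|alice@contoso.example",
    "c:0t.c|tenant|11111111-1111-1111-1111-111111111111",
    "i:0#.f|membership|bob@contoso.example",
]

if __name__ == "__main__":
    result = audit_group(SAMPLE_MEMBERS)
    print("Explicit accounts:", result["explicit"])
    for label, name in result["review"]:
        print(f"Review ({label}): {name}")
```

A group whose report has an empty `explicit` list matches the symptom above: the group has members, but none that resolve to an individual account.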