
Microsoft Graph API - determine delegated information using application (daemon) identity


I'm working on getting mailFolders info with the Microsoft Graph API (/users/{id}/mailFolders) using a daemon application token. In this case I can receive folders for any user. But when authenticating as an application (as opposed to as a user), you can't use delegated permissions.

How, using an application identity, can I check whether a user has access to the delegated folder? Or can MS Graph somehow enforce a user's access to another user's mailbox when using an application identity?


Solution

  • No. It's impossible.

    Firstly, you need to learn about the difference between an application token (application permissions) and a user token (delegated permissions) in Azure AD.

    How, using an application identity, can I check whether a user has access to the delegated folder?

    When you use an application token, you are acting as an application which has access to all mailboxes. You are not signed in as a user, so you can't check a user's permission to access another user's mailbox.

    Can MS Graph somehow enforce a user's access to another user's mailbox when using an application identity?

    Similarly, this feature itself is not provided by MS Graph. You can use the EAC to assign permissions, or assign permissions to the entire mailbox with Exchange Online PowerShell.
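The Exchange Online PowerShell route mentioned in the answer, as an added example that is not part of the original answer: it looks up whether one user already holds an explicit permission entry on another user's mail folder, grants a read-only role if not, and then lists any whole-mailbox (FullAccess-style) entries for the same user. It assumes the ExchangeOnlineManagement module is installed, that the caller holds an Exchange administrator role, and uses placeholder addresses (owner@contoso.com, delegate@contoso.com) and folder name; the function name Get-DelegateFolderRight is a local helper, not a built-in cmdlet.

```powershell
# Added example, not code from the original post. Checks and assigns mail-folder
# permissions with Exchange Online PowerShell, which is where delegated mailbox
# access is actually recorded (an application token cannot evaluate it via Graph).
param(
    [string]$Owner    = 'owner@contoso.com',     # assumed placeholder mailbox owner
    [string]$Delegate = 'delegate@contoso.com',  # assumed placeholder delegate
    [string]$Folder   = 'Inbox',                 # folder path under the owner's mailbox
    [string]$Right    = 'Reviewer'               # read-only folder role to grant if missing
)

Import-Module ExchangeOnlineManagement
Connect-ExchangeOnline -ShowBanner:$false

# Folder identities take the form "<mailbox>:\<folder path>"
$folderId = "${Owner}:\${Folder}"

function Get-DelegateFolderRight {
    # Returns the AccessRights a user holds on a folder, or $null when the user
    # has no explicit entry (Get-MailboxFolderPermission errors in that case).
    param([string]$FolderId, [string]$User)
    try {
        $entry = Get-MailboxFolderPermission -Identity $FolderId -User $User -ErrorAction Stop
        return $entry.AccessRights
    } catch {
        return $null
    }
}

$current = Get-DelegateFolderRight -FolderId $folderId -User $Delegate
if ($null -eq $current) {
    Write-Host "$Delegate has no explicit rights on $folderId; granting $Right"
    Add-MailboxFolderPermission -Identity $folderId -User $Delegate -AccessRights $Right | Out-Null
} else {
    Write-Host "$Delegate already holds $($current -join ',') on $folderId"
}

# Whole-mailbox access (what the answer calls "the entire mailbox") is a separate
# ACL from folder permissions; show any entries for the delegate, inherited or not.
Get-MailboxPermission -Identity $Owner |
    Where-Object { $_.User -like "*$Delegate*" } |
    Select-Object User, AccessRights, IsInherited

Disconnect-ExchangeOnline -Confirm:$false
```

A related caveat for the daemon scenario the question describes: because an application token is not tied to a signed-in user, an app granted Mail.Read as an application permission can read every mailbox in the tenant. Exchange Online's New-ApplicationAccessPolicy cmdlet can restrict such an app to a specific set of mailboxes (a mail-enabled security group) so that least privilege still holds even though Graph cannot evaluate per-user delegation for you.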