Sunny987, When you register a non-gallery SAML app in AAD under the enterprise registration section, as you mentioned the entity ID field of that app gets auto-populated from the details present in the application's metadata, which in your case got filled with entity ID = ABC.
Now, this non-gallery app's entry would also be present in the App registration section of AAD, from where you can expose this non-gallery SAML app as an API. Once you try to expose this app as an api, you would see that the Application ID URI value is pre-populated with the value same as that of the entity ID.
In this case, if your entity ID is just a {guid} i.e an app-id then when you use the OBO flow and get the SAML response, you would get the audience in the SAML response as spn:{guid} or spn:{app-id}. But in case your entity ID is in the format https://ABC or api://ABC then, when you use the OBO flow and get the SAML response, you would get the audience in the SAML response as https://ABC or api://ABC.
Now it depends on the app metadata what it is fed with. You can change the details while you expose the SAML app as an api to which ever format you want but that might break the actual functioning of the app.
Coming to the second query, where you wanted to know if the user_impersonation permission is mandatory or not. The answer to that is yes, its mandatory and AAD on its own creates the user_impersonation permission, when you try to expose a non-gallery SAML app as an API.
Hope this helps.
Do let us know if this helps and if there are any more queries around this, please do let us know so that we can help you further. Also, please do not forget to accept the response as Answer; if the above response helped in answering your query.