cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Admin consent is being raised for permissions which are not required admin consent

jkhan540
Copper Contributor

‎Aug 30 2019 01:14 AM

‎Aug 30 2019 01:14 AM

Admin consent is being raised for permissions which are not required admin consent

Hi,

 

We are integrating the microsoft graph to fetch the contacts of signed-in user through microsoft graph SDK but I one thing here is that we are using our implemented OAuth2.0 protocol for authentication in microsoft graph instead of Auth using given JS SDK with following permissions which are registered on Azure Active Directory

scope = offline_access Contacts.Read Contacts.Read.Shared

Problem : Admin consent should not be shown to user when registered permissions are not required admin consent.

Labels:
969 Views
0 Likes
1 Reply
Reply
1 Reply
zawad

‎Nov 04 2019 04:27 PM

‎Nov 04 2019 04:27 PM

Re: Admin consent is being raised for permissions which are not required admin consent

@jkhan540 It is possible that the tenant you are testing your application has disabled user consent. It is actually documented as a best practice here: https://docs.microsoft.com/en-us/azure/security/fundamentals/steps-secure-identity#block-end-user-co...

 

If user consent is disabled then you will receive the same AADSTS90094 error which is documented here: https://blogs.msdn.microsoft.com/aaddevsup/2018/05/08/receiving-aadsts90094-the-grant-requires-admin...

0 Likes
Reply