Delay between admin consent and ability to perform API requests

OmriEytan · ‎Apr 22 2021

We have been experiencing long delays (up to an hour) between the moment the "admin consent" approval of our app until we can successfully perform Graph API calls for the tenant.
As part of our on-boarding flow, after the user provides admin consent to our application we start performing various actions via the Graph API. Lately we have been receiving an increasing number of API call failures with "permission denied" response.
It can take any time between a few seconds to an hour for the permissions granted in the admin consent form to be recognized by the Graph API.
This is causing substantial friction in our on-boarding process.
Has anyone else encountered this?

Vasil Michev · ‎Apr 22 2021

Did you renew your token after granting consent? The vast majority of applications will rely on the roles/scopes listed within the token, and those will not be updated until you get a new one.

OmriEytan · ‎Apr 24 2021

@Vasil Michevwe are issuing a new token. After the consent is given, the tenant ID is sent to a backend process that issues a new token via MSAL and queries the Graph API. Scopes requested for the token are similar to those requested by the application and approved by the admin.

Delay between admin consent and ability to perform API requests

Delay between admin consent and ability to perform API requests

Re: Delay between admin consent and ability to perform API requests

Re: Delay between admin consent and ability to perform API requests

Products (50)

Special Topics (27)

Video Hub (462)

Most Active Hubs

Most Active Hubs

Video Hub

Delay between admin consent and ability to perform API requests

Delay between admin consent and ability to perform API requests

Re: Delay between admin consent and ability to perform API requests

Re: Delay between admin consent and ability to perform API requests