Multi-tenant AAD - Need Admin Approval on 2nd tenant

Occasional Contributor



I have implemented SSO (OAuth2) for Multi-tenant AAD Application. The app permissions donot need admin consent - 


The app is registered on tenant 1 and SSO is working on tenant 1, but tenant 2 show 'Need admin approval' after the user has consented for the permissions.


In tenant 2, User settings under Enterprise applications in Azure portal for 'User can consent to apps accessing company data on their behalf' is enabled.

why is admin approval required even though the permissions donot require admin consent?


Please help.




2 Replies
@techie2021- We are looking into this I will get back to you soon.
best response confirmed by ChetanSharma-msft (Microsoft)
@techie2021 - Looks like your query is related to specific AAD.
Could you please check here with AAD support team: