We want to control consent to enterprise applications and therefore switched to:
"User consent for applications: Allow user consent for apps from verified publishers, for selected permissions (Recommended)"
This works as expected, and now most of the times a user wants to access to an application an admin consent request is generated. When I accept the admin consent request, the application is granted access on behalf of the whole organization. I don't like this behavior, because now the application has access to potentially too much data.
Is it possible to use the "admin consent required" restriction, but only to grant access to the user asking for it? It seems to be possible with PowerShell, but it would be nice to use the Microsoft Entra Portal to achieve that.
