This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(137.6, 79%, 23%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESH%3C/text%3E%3C/svg%3E)
Hello,
I am developing an application that requires organizational consent. Prior to a few days ago, the consent flow was working but my app was configured to accept consent from my tenant only.
Now, I want to roll out this product to other organizations. I changed the Azure setting to allow consent from all tenants. Unfortunately, the consent flow no longer works. I reach the consent page, but upon "Accept"ing the required permissions, I enter a loop. Each time I hit "Accept", I return to the consent page.
Has anyone else seen this issue. Any advice as to how to resolve it?
Regards,
Seth
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(22.400000000000002, 14.000000000000002%, 12%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EFH%3C/text%3E%3C/svg%3E)
Could you get a fiddler trace and see what's going on? Is it doing a 302 back and forth and are you using an OIDC flow?
What kind of flow are you doing for your application? There are alot of common redirection issues that could happen for a variety of reasons and it's difficult to know why this is happening for you specifically without knowing exactly what's going on in the fiddler trace.
Please take a look at this for further details if using an OIDC app https://blogs.aaddevsup.xyz/2019/07/infinite-redirect-between-openid-connect-application-and-azure-ad/
Frank,
I initiate my OAuth flow with this URL:
I placed the consent page in the Chrome debugger, and the attached screen shot is an outline of what I get. The POST to /Set returns a 200, not a 302, and I am back where I started. This did not happen as recently as a few days ago.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(102.4, 38%, 19%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
Try adding delegated permissions for every application permission. They shouldn't really be needed for admin consent for a web app and even if they were, it should fail with an error and not a loop. But that's what fixed it for us.