Azure AD SSO: Allow to get bootstrap token without granting admin consent
Piyumi Perera
101
Reputation points
I am using SSO with Azure AD v2 for Office365 Addin. I registered an azure app using account1@domain1.com by following register-sso-add-in-aad-v2.
I was able to get bootstrap token using OfficeRuntime.auth.getAccessToken()
without consenting.
I was unable to get bootstrap token, when I tried to use account2@domain2.com. I got following error which is expected according to the documentation (Outlook-Add-in-SSO).
code: 13005
message: "Missing grant for this add-in."
name: "Preauthorization missing."
I need to understand these two behaviors.
I have added following permissions to azure app.