question

NickHuynh-1814 avatar image
0 Votes"
NickHuynh-1814 asked amanpreetsingh-msft answered

Is there a way to grant admin consent to a multi-tenant app via Azure portal?

I registered a multi-tenant application and want to allow SSO using OIDC from other Azure AD.
So when a non-admin user logs in for the first time, user consent must be accepted. Or if a admin user does the log first, then it can grant consent on behalf of other users.
Can Azure AD admin in Azure portal find my registered multi-tenant app and grant the consent prior to the first login so that users don't have to accept consent at their first login or have to do the login using admin user first to grant admin consent?

azure-ad-single-sign-onazure-ad-openid-connect
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

1 Answer

amanpreetsingh-msft avatar image
0 Votes"
amanpreetsingh-msft answered

Hi @NickHuynh-1814 • Thank you for reaching out.

Admin Consent via Azure Portal can only be provided for the tenant where the application is registered in the first place. Users or Administrators of other tenants cannot consent via Azure Portal and it has to be done,
1. Either when user/administrator accesses the multi-tenant application first time.
2. Or by constructing the Admin Consent URL and sharing it with the Administrators of the other tenants.

Below is an example of the Admin Consent URL:

 https://login.microsoftonline.com/organizations/v2.0/adminconsent
         ?client_id=6731de76-14a6-49ae-97bc-6eba6914391e
         &scope=https://graph.microsoft.com/Calendars.Read https://graph.microsoft.com/Mail.Send
         &redirect_uri=http://localhost/myapp/permissions
         &state=12345

Read more: Request the permissions from a directory admin


Please "Accept the answer" if the information helped you. This will help us and others in the community as well.

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.