Managing user consent to apps in Microsoft 365

This setting controls whether users can give that consent to apps that use OpenID Connect and OAuth 2.0 for sign-in and requests to access data. An app can be created from within your own organization, or it can come from another Office 365 organization or a third-party.

If you turn this setting on, those apps will ask users for permission to access your organization’s data, and users can choose whether to allow it. If you turn this setting off, then admins must consent to those apps before users may use them. In this case, consider setting up an admin consent workflow in the Azure portal so users can send a request for admin approval to use any blocked app.

A user can give access only to apps they own that access their Office 365 information. They can't give an app access to any other user's information.

Here's how to turn User consent to apps on or off.

  1. In the admin center, go to the Settings > Org settings > Services page, and then select User consent to apps.

  2. On the User consent to apps page, select the option to turn user consent on or off.

More info

To learn about how to configure your consent settings in Azure active directory, read Configure the admin consent workflow.

To learn about managing user consent to apps, read Managing consent to applications and evaluating consent requests.