在 Microsoft 365 中管理用户对应用的同意Managing user consent to apps in Microsoft 365

此设置控制用户是否可以同意使用 OpenID Connect 和 OAuth 2.0 进行登录和请求访问数据的应用。This setting controls whether users can give that consent to apps that use OpenID Connect and OAuth 2.0 for sign-in and requests to access data. 可以从你自己的组织创建应用,也可以来自另一个 Office 365 组织或第三方。An app can be created from within your own organization, or it can come from another Office 365 organization or a third-party.

如果启用此设置,这些应用将要求用户授予访问组织数据的权限,用户可以选择是否允许。If you turn this setting on, those apps will ask users for permission to access your organization’s data, and users can choose whether to allow it. 如果关闭此设置,则管理员必须先同意这些应用,用户才能使用它们。If you turn this setting off, then admins must consent to those apps before users may use them. 在这种情况下,请考虑在 Azure 门户中设置管理员同意工作流,以便用户可以发送管理员批准请求以使用任何阻止的应用。In this case, consider setting up an admin consent workflow in the Azure portal so users can send a request for admin approval to use any blocked app.

用户可以仅向其拥有的、访问其 Office 365 信息的应用授予访问权限。A user can give access only to apps they own that access their Office 365 information. 他们无法向应用授予对任何其他用户的信息的访问权限。They can't give an app access to any other user's information.

下面将了解如何打开或关闭用户对应用的同意。Here's how to turn User consent to apps on or off.

  1. 在管理中心中,转到 "设置 > ""组织 设置""服务"页, > 然后选择"用户同意应用"。In the admin center, go to the Settings > Org settings > Services page, and then select User consent to apps.

  2. 在" 用户同意应用"页上 ,选择打开或关闭用户同意的选项。On the User consent to apps page, select the option to turn user consent on or off.

详细信息More info

若要了解如何在 Azure Active Directory 中配置同意设置,请阅读 配置管理员同意工作流To learn about how to configure your consent settings in Azure active directory, read Configure the admin consent workflow.

若要了解如何管理用户对应用的同意,请阅读 管理对应用程序的同意和评估同意请求To learn about managing user consent to apps, read Managing consent to applications and evaluating consent requests.