CODEWITHSUNDEEP
azure-active-directory
Isaac Levin
Isaac Levin

Reputation: 2899

Users being asked to Consent Everytime Azure AD Application

I have an Azure AD Application that is written in Angular 2. The application is working fine as I can login against AD and get access tokens back. However the issue is that I am getting a consent request every time I login. Here is what the request looks like

        "https://login.microsoftonline.com/" + this.tenantId + "/oauth2/authorize?" +
        "response_type=id_token+token&" +
        "response_mode=fragment&" +
        "client_id=" + this.clientId + "&" +
        "redirect_uri=" + encodeURIComponent(window.location.href) + "/&" +
        "scope=openid&" +
        "state=" + this.state + "&" +
        "resource=" + encodeURIComponent(this.appuri) + "&" +
        "nonce=" + this.nonce;

This send me to the Azure Login Screen with the consent dialoag like so

enter image description here

I click accept and am directed back to where I want to go and everything is great. If I login again, I get the same prompt. What step do I need to take on the Azure AD side to store the consent of the user? Is it something in the manifest?

Upvotes: 0

Views: 1027

Answers (1)

Shawn Tabrizi
Shawn Tabrizi

Reputation: 12434

The consent screen you are seeing is the "admin consent screen" which should only appear if you pass "prompt=admin_consent" as a query string for the login url.

At the same time, if you pass this query string, you will be prompted to consent to the application each time. Instead, you want to make sure that you only pass this query string one time (the first time a user uses the app) and once it has been consented, make sure you are not passing any "prompt" query strings.

I hope this solves your problem!

Upvotes: 3

Related Questions