AADSTS90094: is requesting permissions, which you are not authorized to grant. Contact your administrator, who can grant permissions

Question

I'm using Xamarin forms and azure portal i was trying to authenticate user's with office 365 but this message appeared

Need admin approval

Request Id: ddda1a97-9ae9-xxxxxxxx-6c7638919f00 Correlation Id: 9571fe55-4e9d-xxxxxxxxx-b7371vfa860f Timestamp: 2019-03-26T09:18:36Z Message: AADSTS90094: AuthPegasus is requesting permissions, which you are not authorized to grant. Contact your administrator, who can grant permissions to this application on your behalf I Do i need to add user's ?? How ??

I added the application in azure active directory and enter the redirect url and configured my app

I can authenticate with the admin account but user's i receive this message please i have a lot of user's that need to authenticate

THANK YOU

Answer 1

When you grant permissions in Azure AD, there are a number of these that require administrator approval.

Anything you add to the application with the "YES" in the "Requires Admin" column needs to be approved by an AD administrator.

For obvious reasons, checks and balances need to be put in place so that the developer cannot simply add permissions to an application without the consent of the higher security/admin teams.

A user will typically blindly ok any request for access, this is in place to ensure that at least 1 other person has given the ok for your app to ask for those permissions.