I created new Azure App but it keep showing error message Need admin approval

Question

I created a new app in azure but when users try to log in they keep getting message admin approval required

I have changed to single tenant still same issue. as far i know from microsoft that if you only allow basic info you dont need to approve the app.

These are the steps I've taken to create an app.

1. Create new app called "NameOfYourApp"

2. Add following URLs

   • https://YourEnvironment/MicrosoftLoginConnector/Callback.aspx
   • https://YourEnvironment/NameOfYourApp/Callback.aspx
3. • Enable in Windows Azure Active Directory the access to 2 permissions Read all users' basic profiles and Sign in and read user profile.
   • Add Dynamics CRM Online and enable the access to 1 permission: Access Dynamics 365 as organization users.

4. Generated a Client Secret key

Anything I'm missing?

Answer 1

From your screenshot, your app is a multi-tenant app, I suppose you use a user account in a different tenant to login the app, if so, you will get the error because of the setting in Azure Active Directory -> Enterprise applications -> User settings.

If the option is set to No, the normal user will not have the permission to consent the app from another different tenant, even if the API permission you request does not need admin consent. I can also reproduce your issue.

So to solve the issue, you have the options below.

1.Set the Users can consent to apps accessing company data on their behalf to Yes, after some delay, the normal user will be able to consent the app by himself.

2.Let the admin of another tenant to login the app and consent for it, or hit the tenant-wide admin consent URL - https://login.microsoftonline.com/{tenant-id}/adminconsent?client_id={client-id}, login and consent for the app.

Answer 2

You need to approve Grant admin consent