You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The plot thickens. Just got off the phone with a customer’s IT, they did admin consent in Azure, but their users were still continuing to be prompted for admin consent when attempting OAUTH as a non-admin user.
Digging deeper, apparently, setting prompt=consent is frowned upon for O365. There’s actually documentation on this, buried inside Azure Portal. I attached the full doc as a PDF below, but a couple quotes:
Note: Configuring an application with prompt=consent is not a best practice for developers. Azure AD might be receiving prompt=consent in authentication attempts, prompting an admin consent loop. Ask the developer to remove the prompt=consent property.
The Zoom application has a known issue where users are prompted with an admin consent request while signing in to the application, even when users have all permissions assigned in Azure. If you disable the Office 365 users can consent to enterprise applications accessing company data on their behalf option on the Zoom admin portal, then users won’t be prompted for admin consent.
So maybe Zoom defaults to prompt=consent too, but then has a admin configuration that removes it for orgs that have certain Azure configurations? I’d be down with defaulting to prompt=consent, but being able to flag prompt=consent off, depending on my client’s Azure configuration?
The text was updated successfully, but these errors were encountered:
Follows this resolved issue: Ask consent on Microsoft re-auth
From the community:
The text was updated successfully, but these errors were encountered: