You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: support/entra/entra-id/app-integration/troubleshoot-consent-issues.md
+4-4Lines changed: 4 additions & 4 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -1,7 +1,7 @@
1
1
---
2
2
title: Troubleshooting Consent Issues in Microsoft Entra ID
3
3
description: Helps you troubleshoot and resolve consent issues in Microsoft Entra ID.
4
-
ms.date: 01/13/2025
4
+
ms.date: 01/14/2025
5
5
ms.reviewer: willfid, v-weizhu
6
6
ms.service: entra-id
7
7
ms.custom: sap:App registrations
@@ -29,7 +29,7 @@ There are many reasons why you might receive a message indicating that admin app
29
29
30
30
- The **User.Read** permission is missing.
31
31
- User consent is disabled at the tenant level.
32
-
-Required user assignment is enabled for the application.
32
+
-User assignment is enabled for the application.
33
33
- A service principal doesn't exist in the tenant for the client application.
34
34
- A service principal doesn't exist in the tenant for the resource.
35
35
- A consent URL that specifies `prompt=admin_consent` or `prompt=consent` is requested.
@@ -138,7 +138,7 @@ To check if a resource exists, try a request that looks like `https://<Aad-Insta
138
138
139
139
You might encounter one of the following behaviors or errors:
140
140
141
-
- You're allowed to sign in (this is the behavior you expect). In this case, go to the next step. In most cases, if you see the "code" parameter in the address bar, it means the authentication process was successful.
141
+
- You're allowed to sign in (this is the behavior you expect). In this case, go to the next step. In most cases, if you see the `code` parameter in the address bar, it means the authentication process was successful.
142
142
- Error AADSTS650052: The app needs access to a service that your organization has not subscribed to or enabled. Contact your IT Admin to review the configuration of your service subscriptions.
143
143
144
144
This error means the resource doesn't exist in your organization. To resolve this issue, use this consent URL: `https://login.microsoftonline.com/<Tenant-ID>/oauth2/authorize?response_type=code&client_id=<App-URI-ID>&prompt=admin_consent`
@@ -160,7 +160,7 @@ You might encounter one of the following behaviors or errors:
160
160
161
161
### Step 7: Verify if the prompt parameter is passed
162
162
163
-
Sometimes, signing in to the application requires passing the `prompt` parameter of consent or admin_consent. Once the application obtains consent, make sure the `prompt` parameter isn't specified. Otherwise, users might always receive a consent error.
163
+
Sometimes, signing in to the application requires passing the `prompt` parameter of `consent` or `admin_consent`. Once the application obtains consent, make sure the `prompt` parameter isn't specified. Otherwise, users might always receive a consent error.
0 commit comments