Microsoft Security | Microsoft Entra | Microsoft Entra ID
A cloud-based identity and access management service for securing user authentication and resource access
Pending Admin consent issues
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(35.2, 23%, 13%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EKA%3C/text%3E%3C/svg%3E)
Kondeti Amrutha
40
Reputation points
I am unable to Admin consent request approve it today as the request is not appearing in the pending request table. Only previous tenant records are visible in All preview tab
our tenant policy specifies that consent requests expire after one day.
if i am trying to approve, its applied for all users.
i need to approve admin consent for one user
Microsoft Security | Microsoft Entra | Microsoft Entra ID
-
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(233.6, 85%, 32%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EVS%3C/text%3E%3C/svg%3E)
VEMULA SRISAI 13,030 Reputation points Microsoft External Staff Moderator2025-12-09T13:57:55.0633333+00:00 Hello Kondeti Amrutha ,
It sounds like you're having a bit of trouble with the admin consent process for your Azure tenant. Here’s some insight that might help.
Here's what you can try:
Review Pending Requests:
- Make sure the user who requested the consent is designated correctly and that their request has been submitted. Only the requests made after a user has been added as a reviewer will be visible to them. If the request doesn't appear in the pending requests, it may have expired, which usually happens after one day based on your tenant policy.
Here's what you can try:
- Review Pending Requests:
- Make sure the user who requested the consent is designated correctly and that their request has been submitted. Only the requests made after a user has been added as a reviewer will be visible to them. If the request doesn't appear in the pending requests, it may have expired, which usually happens after one day based on your tenant policy.
- Enabling the Admin Consent Workflow:
- If you haven't done so already, ensure that the admin consent workflow is enabled. This allows the users to request admin approval directly and is crucial to managing consent effectively.
- Focus on User Assignment:
- Keep in mind that when an admin approves a consent request, it grants access to all users by default. If you want to restrict access to only specific users, make sure the application has the User Assignment Required property set to Yes. This means only the users assigned to the application will get access when consent is approved.
- Request Specific User Access:
- If admin consent for just one user is needed, unfortunately, the typical workflow does not support this specificity directly. You'll have to manage it by assigning the app to that user manually after the consent is granted.
- Check for Global Admin Role:
- Ensure that the person trying to approve the consent request has the required roles (Global Administrator, Cloud Application Administrator, or Application Administrator).
- Use Admin Consent URL:
- You can directly call the admin consent URL if still facing issues:
https://login.microsoftonline.com/{tenant-id}/adminconsent?client_id={client-id}Follow-Up Questions:
- Can you confirm if the admin consent workflow is currently enabled in your tenant?
- Are you able to see any pending requests in the My Pending tab under Admin Consent Request?
- Have you assigned the application for user access or set the User Assignment Required property as necessary?
- Can you provide the roles assigned to the user attempting to approve the consent requests?
References:
- You can directly call the admin consent URL if still facing issues:
-
Kondeti Amrutha 40 Reputation points
2025-12-10T05:27:48.0533333+00:00 - Can you confirm if the admin consent workflow is currently enabled in your tenant? Yes
- Are you able to see any pending requests in the My Pending tab under Admin Consent Request? yes
- Have you assigned the application for user access or set the User Assignment Required property as necessary? yes
- Can you provide the roles assigned to the user attempting to approve the consent requests? Global admin or cloud administrator to check the scenario, yesterday i asked the user to sent admin consent request again but instead of my pending tabl its showing All preview tab so i cant accept permissions for all user i need to approve for only one user as per the policy its need to appear in all preview tab after one day need assistance on this
-
VEMULA SRISAI 13,030 Reputation points Microsoft External Staff Moderator
2025-12-25T10:56:36.4266667+00:00 Thanks for confirming the details. Based on your scenario:
- Why the request is not in “My Pending” tab: Since your tenant policy expires consent requests after one day, the previous request likely moved to the All Preview tab as historical data. You cannot approve from there; only active requests appear in My Pending.
- Approving for one user: Admin consent is always tenant-wide. When you approve, permissions apply to all users unless the app is configured with User Assignment Required = Yes. After granting consent, assign the app only to the intended user.
- Recommended steps:
- Ask the user to submit a new admin consent request (since the old one expired).
- Approve it from My Pending tab.
- In Enterprise Applications > Properties, set User Assignment Required = Yes.
- Assign the app only to that user under Users and Groups.
- Alternative: If you want to bypass workflow, use the Admin Consent URL:
Ensure you have Global Administrator or Cloud Application Administrator role.https://login.microsoftonline.com/{tenant-id}/adminconsent?client_id={client-id}
Reference:
https://learn.microsoft.com/en-us/entra/identity/enterprise-apps/configure-admin-consent-workflow
https://learn.microsoft.com/en-us/entra/identity/enterprise-apps/grant-admin-consent?pivots=portal
Sign in to comment
1 answer
Sort by: Most helpful
-
AI answer
2025-12-09T13:43:16.8933333+00:00 It seems that you are experiencing issues with pending admin consent requests not appearing in the expected table. Here are a few points to consider:
- Pending Requests Visibility: If the request is not showing up in the pending requests table, ensure that the request was submitted correctly by the user. Only requests submitted after you were designated as a reviewer will appear in your pending requests.
- Expiration Policy: Since your tenant policy specifies that consent requests expire after one day, it's possible that the request has expired if it was submitted more than a day ago. You may want to check the expiration settings and ensure that users are aware of the time limits for their requests.
- Approving for Specific Users: When you approve admin consent, it typically applies to all users unless user assignment is configured to limit access. If you need to approve consent for a specific user, you may need to configure the application's properties to require user assignment. This way, you can control access on a per-user basis.
- Reviewing Requests: You can review admin consent requests by signing into the Microsoft Entra admin center and navigating to the Admin consent requests section. Ensure you are checking the right tabs for pending requests.
If the issue persists, consider reaching out to your organization's Microsoft Entra support for further assistance.
References:
AI-generated content may be incorrect. Read our transparency notes for more information.