Managing user consent to apps in Microsoft 365

This setting controls whether users can give that consent to apps that use OpenID Connect and OAuth 2.0 for sign-in and requests to access data. An app can be created from within your own organization, or it can come from another Microsoft 365 organization or a third-party.

If you turn this setting on, those apps will ask users for permission to access your organization’s data, and users can choose whether to allow it. If you turn this setting off, then admins must consent to those apps before users may use them. In this case, consider setting up an admin consent workflow in the Entra admin center so users can send a request for admin approval to use any blocked app.

A user can give access only to apps they own that access their Microsoft 365 information. They can't give an app access to any other user's information.

Here's how to turn User consent to apps on or off.

  1. In the Microsoft 365 admin center, go to the Settings > Org settings > Services page, and then select User consent to apps.

  2. On the User consent to apps page, select the option to turn user consent on or off.

Configure the admin consent workflow (article)
Managing consent to applications and evaluating consent requests (article)