25,129 questions
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(9.6, 63%, 10%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMB%3C/text%3E%3C/svg%3E)
This error means it need either admin or user consent
to add admin consent
go to application
then API permissions
select Grant admin consent
How to fix AADSTS65001
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(51.2, 35%, 14%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EHB%3C/text%3E%3C/svg%3E)
HASSAN BIN NASIR DAR
391
Reputation points
Hi,
I am going to tenant to tenant migration by bititan. For the modern authentication, I have registered a new app registration in Azure AD. I am getting this error:
our migration failed while checking destination credentials. AADSTS65001: The user or administrator has not consented to use the application with ID 'xxxxxxxxxx' named 'MYAPP'. Send an interactive authorization request for this user and resource. Trace ID: xxxxxxxxxxxxxxxxxx Correlation ID: xxxxxxxxxxxxxxxxxxxx Timestamp: 2023-01-11 10:37:54Z
Can you give me any tip to resolve this issue?
I had followed these steps: (Please find snapshots)
Microsoft Security | Microsoft Entra | Microsoft Entra ID
2 answers
Sort by: Most helpful
-
-
JamesTran-MSFT 36,911 Reputation points Microsoft Employee Moderator2023-02-27T22:29:59.25+00:00 Thank you for your detailed post and I apologize for the delayed response!
Error Message:
AADSTS65001: The user or administrator has not consented to use the application with ID 'xxxxxxxxxx' named 'MYAPP'. Send an interactive authorization request for this user and resource. Trace ID: xxxxxxxxxxxxxxxxxx Correlation ID: xxxxxxxxxxxxxxxxxxxx Timestamp: 2023-01-11 10:37:54ZFrom your error message, this usually occurs when you missed granting admin consent to the added scope while retrieving an access token. As shown in your second screenshot, it looks like you added the API permission
EWS.AccessAsUser.All, and needed to Grant admin consent.To resolve your issue, please make sure you grant admin consent:
- Sign in to the Azure portal with one of the roles listed in the prerequisites section.
- Select Azure Active Directory, and then select App registrations.
- Select the application to which you want to grant tenant-wide admin consent.
- Select API permissions.
- Carefully review the permissions that the application requires. If you agree, select Grant admin consent.
I hope this helps!
Additional Links:
If you have any other questions, please let me know. Thank you for your time and patience throughout this issue.