Hi @Victor Chin
1.You must make sure that the external application is a multi-tenant application.
2.Group admins can't grant admin consent, only global admins can grant admin consent on behalf of the organization.
After you grant admin consent, the multi-tenant app will join your tenant as an enterprise app with all the permissions you consented for the app.
https://login.microsoftonline.com/{id of the target tenant}/adminconsent?client_id={client id}
Hope this helps.
If the reply is helpful, please click Accept Answer and kindly upvote it. If you have additional questions about this answer, please click Comment.