This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(147.20000000000002, 55.00000000000001%, 24%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EDO%3C/text%3E%3C/svg%3E)
I have developed a multi-tenant Microsoft Teams tab app that is registered in Tenant 1 (where it was initially created). Interestingly, the app doesn't require admin approval in Tenant 1, but it does require admin approval when deployed to Tenant 2. I'm trying to figure out why this is happening, as I need to distribute this app across multiple tenants without requiring admin approval each time.
The app was registered using a multi-tenant Azure AD app registration. I have registered a verified domain and updated all references in my code from '/(my domain ID)' to '/common'.
The permission scopes I'm using are:
"User.Read",
"AppCatalog.Read.All",
"User.ReadBasic.All",
"Calendars.ReadWrite",
"OnlineMeetings.ReadWrite",
"People.Read".
In Tenant 2, I have ensured that the setting 'All users can consent for any app to access the organisation's data' is enabled.
Despite these settings, the app still requires admin approval when deployed to Tenant 2. Am I missing something in my configuration? Are there other factors that could cause the app to require admin approval in Tenant 2 but not in Tenant 1? Any suggestions to resolve this issue would be greatly appreciated.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(246.4, 20%, 33%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESM%3C/text%3E%3C/svg%3E)
Hi @Daniel O'Sullivan ,
Just checking in to see if the below answer helped. If this answers your query, please don’t forget to click "Accept Answer" which might be beneficial to other community members reading this thread. And, if you have any further query do let us know.
The issue was that I needed to add a verified publisher MPN id to the Azure AD multi-tenant app registration. I still haven't done this yet as I'm having some issued with separate domain tenants but I have been informed this is what was causing the admin consent issue.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(304, 57.99999999999999%, 39%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAO%3C/text%3E%3C/svg%3E)
The issue was that I needed to add a verified publisher MPN id to the Azure AD multi-tenant app registration. I still haven't done this yet as I'm having some issued with separate domain tenants but I have been informed this is what was causing the admin consent issue. [It won't let me delete this comment]
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(112.00000000000001, 85%, 20%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ENM%3C/text%3E%3C/svg%3E)
@Daniel O'Sullivan - Could you please verify the following scenarios:
Thanks,
Nivedipa
If the response is helpful, please click "Accept Answer" and upvote it. You can share your feedback via Microsoft Teams Developer Feedback link. Click here to escalate.