![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(60.8, 25%, 15%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJ3%3C/text%3E%3C/svg%3E)
25,207 questions
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(214.4, 81%, 30%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMT%3C/text%3E%3C/svg%3E)
Hi @J-3804 ,
I understand that enterprise admins are receiving the admin consent prompt even though you already granted admin consent for the application. This could be occurring for a few reasons and I would recommend checking these possibilities from the Troubleshooting Guide:
- Following Microsoft's recommendations and best practices, many organizations have disabled or limited users' permission to grant consent to apps. If an application forces users to grant consent every time they sign in, most users will be blocked from using these applications even if an administrator grants tenant-wide admin consent. If you encounter an application which is requiring user consent even after admin consent has been granted, check with the app publisher to see if they have a setting or option to stop forcing user consent on every sign in. If this is the case I would recommend reaching out to Rocketbook support. https://rocketbookhelp.zendesk.com/hc/en-us/articles/360024004933-Integration-with-Microsoft-OneNote-for-Business-and-OneDrive-for-Business#:~:text=As%20an%20admin%2C%20you%20can%20grant%20the%20consent,will%20see%20the%20following%20permissions%20that%20were%20granted.
- The application has been configured to require assignment. Individual user consent isn't currently supported for apps that require assignment; thus the permissions must be granted by an admin for the whole directory. If you configure an application to require assignment, be sure to also grant tenant-wide admin consent so that assigned user can sign-in.
- The set of permissions required by the application has changed by the developer and needs to be granted again.
- The user who originally consented to the application wasn't an administrator, and now a different (nonadmin) user is using the application for the first time.
- The user who originally consented to the application was an administrator, but they didn't consent on-behalf of the entire organization.
- The application is using incremental and dynamic consent to request further permissions after consent was initially granted. Incremental and dynamic consent is often used when optional features of an application require permissions beyond those required for baseline functionality.
- Consent was revoked after being granted initially.
- The developer has configured the application to require a consent prompt every time it's used (note: this behavior isn't best practice).
It may also be worth noting that when you log in to the application as a normal user for the first time, the system will prompt you whether to accept the request permission of the application. After you click "Accept", the request window will not pop up when you log in to the application next time.
To isolate the issue, I would recommend following the troubleshooting steps of comparing the permissions requested and granted for the applications, viewing user assignment settings, and reviewing tenant-wide user consent settings.
If you have tried out all the above to no avail, then this will require more in-depth investigation, screenshots of your settings and error logs, and a support case.
If the information helped you, please Accept the answer. This will help us as well as others in the community who may be researching similar issues.