![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(262.40000000000003, 36%, 35%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EK%3C/text%3E%3C/svg%3E)
25,147 questions
Hi @kumar · Thank you for reaching out.
When a member user of tenant X consents for multitenant App registered in tenant Y, the consent information is stored in user's tenant i.e., tenant X in this case. Once a user accepts the consent, a service principal gets created in his tenant and this information can be found under that service principal. To see the information you need to navigate to below location in tenant X:
Azure Active Directory > Enterprise Applications > Search with App ID or App Name under All Applications > Open the app > Click on Permissions blade
By clicking on the link under Granted by, you can see all the users who have consented for the given permission.
You can use Get-AzureADOAuth2PermissionGrant PowerShell cmdlet for this purpose as well.
Where can we see the consent logs of invited users incase of app registered as personal account?
We recommend not to use 'common' endpoint (https://login.microsoftonline.com/common), as personal accounts cannot provide admin consent except in the context of a tenant. To ensure best compatibility with personal accounts that manage tenants, use the tenant ID when possible. Permission will be saved in the tenant, whose tenant ID you specify in the request e.g. https://login.microsoftonline.com/tenantX.onmicrosoft.com.
This is documented in tenant parameter under Request the permissions from a directory admin.
-----------------------------------------------------------------------------------------------------------
Please "Accept the answer" if the information helped you. This will help us and others in the community as well.