![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(313.6, 11%, 40%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ER%3C/text%3E%3C/svg%3E)
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
25,051 questions
Hi @Raghavendra · Thank you for reaching out.
I can think of 2 reasons for this issue:
- Please check if your authentication request includes
prompt=consentparameter, when this parameter is passed, users are prompted with a consent prompt each time they access the application. Ref. https://learn.microsoft.com/en-us/dotnet/api/microsoft.identity.client.prompt?view=azure-dotnet - The application might be requiring permissions which require admin consent. Please use below url to grant admin consent for entire organization/tenant:
https://login.microsoftonline.com/{tenant-id}/adminconsent?client_id={client-id}
If the users are getting consent prompt only at the initial sign-in and not afterwards, it must be due to the requirement of user consent. This depends on what permissions you have included in the scope parameter of your authentication request. For certain scopes, user consent is required. If this is the case, follow step 2 that I have shared in my answer above. Users will not be required to provide consent as admin has already provided consent for entire organization.
If users are repeatedly getting consent prompt, even after consenting, you must update your code to not include prompt=consent in the request.
-----------------------------------------------------------------------------------------------------------
Please "Accept the answer" if the information helped you. This will help us and others in the community as well.