Admin consent fails on first try, succeeds if retried

Mohan Krishna Pechetti 1 Reputation point
2021-08-13T16:49:27.497+00:00

when we install app in org-level first time got error. after retry it is succeed
what is problem with that?

Error: Operation: Create; Exception: [Status Code: Forbidden; Reason: The request is not authorized for this user or application.]

Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
22,812 questions
{count} votes

1 answer

Sort by: Most helpful
  1. Marilee Turscak-MSFT 37,056 Reputation points Microsoft Employee
    2021-08-20T21:08:29.617+00:00

    This error can also occur when a user is prevented from consenting to an application due to Microsoft detecting that the permissions request is risky. In this case, an audit event will also be logged with a Category of "ApplicationManagement", Activity Type of "Consent to application" and Status Reason of "Risky application detected". That might be a reason for it to succeed on the retry.

    Other possibilities are that there was a permission change or a delay between data centers.

    Do you get any audit events or additional errors?

    I would recommend visiting the troubleshooting guide for more clues.

    Without having insight into your tenant, we may need to open a support case for this. I am leaving details for how to claim this option in a private comment for you.

    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.