![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(57.599999999999994, 13%, 15%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EDH%3C/text%3E%3C/svg%3E)
25,081 questions
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(246.4, 20%, 33%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESM%3C/text%3E%3C/svg%3E)
Hi @Duy Huynh ,
Thanks for reaching out.
From your query I understood that you are getting error when trying to aquire the token using console app's identity.
This error is generally due to when scopes are not defined correctly or admin consent has not been granted for the defined permissions.
As per sample , application permissions has been assigned to the application.
Application permissions has been used when there is no user interaction so these permissions always require admin consent ahead of time where as Delegated permissions has been used where application need to signed in user, in that admin consent is require only for some specific permissions.
Admin consent can be granted by clicking on Grant Admin consent for {Tenant Name} by navigating to Configured Permissions in Application Registration->Manage-> API permissions
Once Admin consent has been granted, status of the permissions has been changed to granted to access the application and allow your application to get the token with defined scopes and further access the resources based on scopes in the token.
Hope this will help.
Thanks,
Shweta
---------------------------------------------------------------------------------------
Please remember to "Accept Answer" if answer helped you.