App requesting admin approval after consent is given

Question

Hello,

I'm trying to use an azure application that requires admin consent.
I followed the instructions from https://learn.microsoft.com/en-us/azure/active-directory/manage-apps/grant-admin-consent: I went into "Enterprise application", selected the wanted application, clicked on permissions and Grant admin consent and got "Admin consent was successfully granted".
When I'm trying to access the application I'm still getting the screen asking for admin approval:

Am I missing something ?

Answer 1

@Andy David - MVP The application doesn't appear in the App Registrations. The tenant hosting the application isn't in the same tenant as the account I'm using to access the application so, it does not appear here.

@Vasil Michev Since I get a message asking for the admin approval I believe that the workflow is indeed triggered. According to https://learn.microsoft.com/en-us/azure/active-directory/manage-apps/configure-admin-consent-workflow , configuring reviewers admin grant the possibily to review or deny requests but not approve them (quote: "only global administrators can approve admin consent requests"). The next step should be https://learn.microsoft.com/en-us/azure/active-directory/manage-apps/grant-admin-consent which is something I already did but I still get the message telling me it need an admin approval.

Answer 2

Just curious, if you go into App Registrations instead, can you see what perms have been consented and if you need to consent as admin there?
https://learn.microsoft.com/en-us/azure/active-directory/manage-apps/grant-admin-consent#grant-admin-consent-in-app-registrations

Answer 3

Looks like the Risk-based step up consent feature was triggered (https://learn.microsoft.com/en-us/azure/active-directory/manage-apps/configure-risk-based-step-up-consent), likely because the app is not from a verified publisher. And since you seem to also have the admin consent workflow enabled, instead of denying the consent request, it triggers the workflow.