How to grant admin consent at user level instead of Directory(tenant) level

R, Meena 1 Reputation point
2022-06-22T14:47:09.703+00:00

In The Microsoft identity platform of Micorosoft Azure ....Can we grant admin consent at user level instead of Directory(tenant) level ...If yes, Please help to with the steps to achieve the same

Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
18,725 questions
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. Alfredo Revilla (Ex-MSFT) 26,756 Reputation points
    2022-06-22T21:50:19.317+00:00

    Hello @R, Meena , you can grant consent on a per user basis using MS Graph trough Powershell or REST.

    Sample for granting consent to Exchange Web Services:

       Connect-MgGraph -Scopes "DelegatedPermissionGrant.ReadWrite.All"  
       New-MgOauth2PermissionGrant -ClientId <APP REGISTRATION CLIENT ID> -ConsentType "Principal" -PrincipalId <USER OBJECT ID> -ResourceId "00000002-0000-0ff1-ce00-000000000000" -Scope "3b5f3d61-589b-4a3c-a359-5dd4b5ee5bd5"  
    

    Let us know if this answer was helpful to you or if you need additional assistance. If it was helpful, please remember to accept it and complete the quality survey so that others in the community with similar questions can more easily find and rate a solution.