How to grant admin consent at user level instead of Directory(tenant) level

asked 2022-06-22T14:47:09.703+00:00
R, Meena 1 Reputation point

In The Microsoft identity platform of Micorosoft Azure ....Can we grant admin consent at user level instead of Directory(tenant) level ...If yes, Please help to with the steps to achieve the same

Azure Active Directory
Azure Active Directory
An Azure enterprise identity service that provides single sign-on and multi-factor authentication.
12,563 questions
No comments
{count} votes

1 answer

Sort by: Most helpful
  1. answered 2022-06-22T21:50:19.317+00:00
    Alfredo Revilla (MSFT) 15,561 Reputation points Microsoft Employee

    Hello @R, Meena , you can grant consent on a per user basis using MS Graph trough Powershell or REST.

    Sample for granting consent to Exchange Web Services:

       Connect-MgGraph -Scopes "DelegatedPermissionGrant.ReadWrite.All"  
       New-MgOauth2PermissionGrant -ClientId <APP REGISTRATION CLIENT ID> -ConsentType "Principal" -PrincipalId <USER OBJECT ID> -ResourceId "00000002-0000-0ff1-ce00-000000000000" -Scope "3b5f3d61-589b-4a3c-a359-5dd4b5ee5bd5"  
    

    Let us know if this answer was helpful to you or if you need additional assistance. If it was helpful, please remember to accept it and complete the quality survey so that others in the community with similar questions can more easily find and rate a solution.