Using Azure Active Directory in a multi-tenant environment.
Admin has given consent to the application for all users to log on.
Users have been restricted from consenting.
After admin has given consent users are still not able to log on and receive the "AADSTS90093: Does not have access to consent." error.
The way in which you did admin consent was probably erroneous or you were not signed into an admin account. Try out one of these two ways:
Inside the Azure Portal, login to an admin account, go to the App Registration blade, select your app, and hit the Grant Permissions button.
Construct a new auth request and append on &prompt=admin_consent.
This error is caused when your app is requesting an admin-restricted scope. These are scopes that require an admin to consent on behalf of their users.
