Admin Consent Required Warning even though i have used the toggle button and have the consent or user and admin

0
votes

I have created a web API in the azure portal. I have also exposed a scope for this web api something like this api://client-id-of-the-web-api/user.read

Now i want to register an app which is going to be a deamon app client. I have registered it and generated a client-id and a secret

Now i go the API permissions and add the web API but no matter what i do the admin consent is always required.

When i exposed the scope for the web api i have used to toggle button and selected that admins and users can consent.

1
azure

1 Answers

0
votes

A daemon client cannot use the permissions you define on the expose API page, as those are delegated permissions. They only apply when there is a user signed in. A daemon app acts as itself with no user involved.

To support a daemon app, you need to define application permissions in your app manifest (there is no UI for them yet). They will always need admin consent though.

More about permissions: https://docs.microsoft.com/en-us/azure/active-directory/develop/scenario-protected-web-api-app-registration#if-your-web-api-is-called-by-a-daemon-app