How to Grant Admin Consent for app roles using graph API

Question

I created an app in AAD (App1).
I added app Roles to the manifest.
I created another app in AAD (App2) (same tenant)
I added API permissions to App2 for one of the roles configured in App1.
As the owner of App2, I can log in to the portal, and grant Admin consent for App2

I need to do all of the above via API calls, ideally without any human interaction. I can do Steps 1 - 4, and that is working perfectly via API calls.

Which API call do I use to grant admin consent (step 5). Note that I need to grant consent for an App Role, and NOT an OAuth scope. Also note that the App Role is NOT one from one of the standard Microsoft services (i.e., Graph)--it is for a custom role created in my own app.

Did you ever figure this one out? Looking at the same thing myself currently. — PMental

Alfredo R Alfredo R · Accepted Answer · 2020-02-24T22:17:32

Applications must use the admin consent endpoint to request Application Permissions, this must be done interactively. Take a look at Request the permissions from a directory admin.

How to Grant Admin Consent for app roles using graph API

1 Answers