saml2 against azure trows admin aproval

15 views
Skip to first unread message

Christian Andres Galleguillos Carmona

unread,
Oct 1, 2021, 12:10:04 PM10/1/21
to SimpleSAMLphp
Hi, im new on simplesamlphp and we need to integrate to azure tenant, i followeed all how tos but when we try to login trows than we need admin aproval 

i some part says that disablen consent can work but i dont see a part to disable this

"In your authConfig.js, look into a parameter called loginRequest

// Add here scopes for id token to be used at MS Identity Platform endpoints.
const loginRequest = {
scopes: ["User.Read"]
};

In the above you might have added something called Prompt: “consent” (as indicated below). Remove this line. Only scopes: ["User.Read"] is required. This should solve the issue.

// Add here scopes for id token to be used at MS Identity Platform endpoints.
const loginRequest = {
scopes: ["User.Read"]
prompt: “consent”

};"

any help 

best
68764-image.png

pra...@gmail.com

unread,
Oct 1, 2021, 4:29:28 PM10/1/21
to SimpleSAMLphp
I think you'll need to direct your question to a Microsoft support site, or review microsoft's documentation on users consenting to applications. Each Azure tenant can define their own rules on whether end users can consent on their own or if the admin is required to approve apps.

- Patrick

Reply all
Reply to author
Forward
0 new messages