Skip to main content

EntraID App - Require Admin Consent to allow user

Admin Consent - Allowing a User to Authenticate to an EntraID app 

The admin consent I'm talking about below is simply authentication.  It is different to the admin consent required under API Permissions.  In API Permissions, we're typically allowing the app to make changes to user accounts and/or work across any user.   In this example, we are simply allowing the user to login to the app, when the admin normally needs to provide consent for authenticating to the app.  This is becoming more common as Enterprise Admin lock down what users can do with their company accounts.

This admin consent is required when adminstrators prevent users from authenticating to an external application using EntraID. 

1) From the App Registration, select Overview, then the Managed Application itself. 




2) From the Managed Application, select Security, Permissions, and enable Admin Consent. 



Comments

Post a Comment

Popular posts from this blog

Fixing a https Cert in Windows

 I renewed a https cert today in Windows and had problems with the new Cert sticking in Windows It would add fine, without error, but would disappear when the IIS Server Certificates screen would refresh.  Open the Certificates in MMC (Local Machine) and inspecting the Web Hosting gave a clue, the new certificate was there, but with a key - the private key was missing.  Could be because the original certificate was created on a completely different machine and imported to this new server.  At any rate, a simple certutil command fixed it .  A tip I received from  SSL disappears from the certificate list on Windows server - SSL Certificates - Namecheap.com Key steps are:  Double-click the certificate and go to  Details  tab. In certificate details locate the  Serial Number  field, click on it and copy its value. Open Command Prompt, pressing  Win+R  and typing  cmd , then click  OK In the command prompt type: ...
Post a Comment
Read more

How to Sign a C# .Net WPF Application

  To sign a C# WPF .NET 6 application, you can follow these steps: Generate a strong name key pair: Open the Developer Command Prompt for Visual Studio (search for it in the Start menu). Navigate to the project directory using the cd command. Run the following command to generate a strong name key pair: Copy code sn -k keypair.snk Configure your project to use the strong name key pair: In Visual Studio (prior to 2022), open your WPF project. Right-click on the project in the Solution Explorer and select "Properties." In the project properties, go to the "Signing" tab. Check the "Sign the assembly" checkbox. Click the "..." button next to the "Choose a strong name key file" field and browse to select the keypair.snk file you generated in the previous step. Click "OK" to save the changes. Configure the project for ClickOnce deployment (optional but recommended for distributing your application): In the project properties, go t...
Post a Comment
Read more

Ever need to reset a password in Bonobo Git Server ?

So, you've forgotten your password to bonobo git. Step 1: Get access to the sqlite file, probably called something like  Bonobo.Git.Server.db, sitting in the "wwwroot\Bonobo.Git.Server\App_Data" directory. Step 2: Using another tool, generate an md5 hash of your new desired password (as far as I know, sqlite does not have md5 capability) Step 3: Back in sqlite, using SQL, update the relevant user record, something like update User set Password = UPPER( 'thenewMD5hash') where Username = 'admin' ; Step 4: That's it, you are done, log in with your newly found password.
2 comments
Read more