
Azure AD prompts for consent even after an admin has consented

consent
authentication
azure-ad
ad
azure

#1

Perhaps this question is better suited to the Azure forums, but hopefully someone here has experienced this issue as well.

I’ve gone through the steps of setting up an Azure AD connection in Auth0 following the getting started guide. This of course requires an admin-level privilege in Azure (Read Directory Data). I’ve had an admin give consent by using both the Auth0-provided link when setting up the connection and through the Azure Console. However, when I attempt to test the connection and log in using a regular account, I’m prompted for consent again (which fails because my account is not an admin in Azure). Surely I’m missing something simple.

I’ve also taken the same steps to create a connection from Auth0 to my own personal Azure AD instance (so I’m the admin). This results in being prompted for consent every time I log in, but this time I’m able to grant consent as an admin and everything works for that account. However, if I then log in to my personal AD with a non-admin account, I face the same problem and can no longer authenticate.

Thanks in advance for any help/advice you can give!


#2

I should note that I’m currently testing the connection using the Auth0 console with the “Try” option under connections.


#3

I determined the problem was in testing through the “Try” functionality in the Auth0 console. Using it inserts “prompt=consent” into the query, which causes Azure AD to always prompt for permission despite permission already being given by an admin. So my own fault for not fully understanding the parameters and the means by which I was testing them.
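
The check described in the post above, as an added example that is not part of the original thread: it inspects a captured authorize URL for the `prompt` parameter and reports whether consent is being forced. The sample URLs, client ID, redirect URI and the function names are constructed for illustration.

```python
from urllib.parse import urlsplit, parse_qs

# Constructed sample requests; client_id and redirect_uri are placeholders.
FORCED = ("https://login.microsoftonline.com/common/oauth2/authorize"
          "?client_id=00000000-0000-0000-0000-000000000000&response_type=code"
          "&redirect_uri=https%3A%2F%2Fexample.auth0.com%2Flogin%2Fcallback"
          "&prompt=consent")
NORMAL = FORCED.replace("&prompt=consent", "")


def prompt_values(authorize_url):
    """Return the set of `prompt` values carried by an authorize URL.

    OpenID Connect defines `prompt` as a space-delimited list, so a
    request may carry several values (for example "login consent").
    """
    query = parse_qs(urlsplit(authorize_url).query, keep_blank_values=True)
    values = set()
    for raw in query.get("prompt", []):  # tolerate a repeated parameter
        values.update(raw.split())
    return values


def diagnose(authorize_url):
    """Classify a request by how its `prompt` parameter affects consent."""
    values = prompt_values(authorize_url)
    if "consent" in values:
        # The consent dialog is shown even when consent was already granted,
        # so a non-admin user is stopped at admin-level permissions.
        return "forced-consent"
    if "none" in values:
        # No interactive UI at all; the request fails if interaction is needed.
        return "silent"
    # Consent is requested only when it has not been granted yet.
    return "default"


if __name__ == "__main__":
    for url in (FORCED, NORMAL):
        print(diagnose(url), sorted(prompt_values(url)))
```

Paste the URL the browser is redirected to during a test login; a `forced-consent` result means the prompt comes from the request itself rather than from missing admin consent.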

