We created a new Azure AD connection recently. We have asked Azure AD admin to apply consent.
When using connection “TRY” feature, it always prompted us “Require Admin Consent”.
We also tried other existing Azure AD connections with “TRY”, it doesn’t work any more.
Any change to this feature? Are we doing anything wrong there?
Hey @zhi.zhang, I wanted to reach out and mention that it appears you have a support ticket open as well. I will hold back and let our support team help you on the current issue you are facing but will be sure share the resolution once the case is complete to possibly help others down the road, thanks!
To follow up on this topic for historical context, the support case was concluded through the assistance of one of our senior engineers.
The resolution ended up being in this particular situation the dashboard TRY option initiates a login request to Azure AD with the inclusion of prompt=consent parameter. Below is a direct quote for more context.
You can confirm this by, instead of clicking the button, copying the target link address and then inspecting the URL in your text editor of choice.
You can even remove the prompt=consent parameter and then paste the modified URL into a new browser tab which should allow you to do the login request without consent being requested if consent was already given (if you do this on a browser session with a user already authenticated in Azure AD you will likely even not see any Azure AD screens).
The reason that the dashboard always includes this parameter is to allow for the try flow to always go through the full login flow. Your client application will, in general, not include this parameter so end-users themselves should not experience this behavior.