Problem statement
We have followed all the instructions on marking the integration as First-party, but we can’t seem to avoid the consent prompt when completing authentication. It also doesn’t “remember” that consent was given, and every authentication event causes it to re-prompt again for consent.
Cause
- The
/authorizerequest was including the prompt=consent query parameter on every request.
– When redirecting to the /authorize endpoint, including the prompt=consent parameter will force users to provide consent, even if they have an existing user grant for the application and requested scopes.
Solution
We recommend removing the prompt=consent query parameter from the /authorize request to restore the default behavior.
More information on user consent can be found here: User Consent and Third-Party Applications