Share via

Onedrive Authorization Issue

Mageshwari SS 20 Reputation points
2025-01-03T05:45:14.4766667+00:00

Hi Support Team,

We encounter the problem "Need admin approval" when we try to authorize OneDrive using oauth 2.0. The below urls are used

Auth URL: https://login.microsoftonline.com/common/oauth2/v2.0/authorize

Access Token URL:https://login.microsoftonline.com/common/oauth2/v2.0/token

Scope: offline_access files.readwrite.all

Clientid and clientsecrets are created using microsoft azure portal of free trail account.

The screenshot of authorization issue

Image

Thanks and Regards,

Mageshwari

Microsoft Graph
Microsoft Graph
A Microsoft programmability model that exposes REST APIs and client libraries to access data on Microsoft 365 services.
12,760 questions
OneDrive
OneDrive
A Microsoft file hosting and synchronization service.
1,252 questions
OneDrive Management
OneDrive Management
OneDrive: A Microsoft file hosting and synchronization service.Management: The act or process of organizing, handling, directing or controlling something.
1,319 questions
0 comments
Accepted answer
  1. CarlZhao-MSFT 44,591 Reputation points
    2025-01-03T06:24:25.0633333+00:00

    Hi @Mageshwari SS

    Try logging into your MS Entra ID as a global admin, then find the calling app and grant admin consent for the above permissions.

    User's image

    Hope this helps.

    If the reply is helpful, please click Accept Answer and kindly upvote it. If you have additional questions about this answer, please click Comment.

1 additional answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Vasil Michev 111.6K Reputation points MVP
    2025-01-03T07:24:19.79+00:00

    A while back, Microsoft started enforcing the need for admin consent for any "risky" apps, such as ones from unverified publishers. If this is an application you plan to use across multiple tenants, it is best to provision it within a proper, paid tenant, with the Publisher verification process completed. If it's an app you plan to use in your own tenant, provision it therein as a single-tenant application instead.

    Alternatively, you can ask an admin for consent as suggested above, or disable the step-up consent requirement for risky apps as detailed for example here: https://learn.microsoft.com/en-us/entra/identity/enterprise-apps/configure-risk-based-step-up-consent

    0 comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.