We have implemented the admin consent OAuth flow for our Rooms Overview application. This is necessary because our app requires application-level permissions, which, under standard Azure configuration, typically require approval from an Azure administrator. However, this requirement may vary based on your organization's policies.
Why Are Users Blocked?
Until the Rooms Overview app is properly registered in your organization's Microsoft Entra directory, users without admin privileges will be blocked when attempting to authenticate their calendar. This is because they do not have the necessary rights to grant all the permissions required for the app to function correctly.
What users will see and be able to do varies depending on your Microsoft configuration, resulting in 2 main cases for non-admin users:
- When the admin consent workflow is not configured, non-admin users will just get a blocker message and are invited to contact their Azure adminstrator:
- For organizations where the admin consent workflow is enabled, non-admin users can request access to their administrators directly from the Oauth permission prompt. Azure administrators will be notified and will be able to grant consent from the Azure console.
Prompt for non-admin Azure users when the Admin consent flow is enabled
How to Resolve This Issue
To enable calendar authentication for all users, follow our initial configuration recommendations:
- Ensure that an Azure administrator in your organization properly registers the app in your Microsoft Entra tenant.
For detailed instructions, refer to:
- our setup guide on registering the application with the necessary permissions:
- Microsoft documentation regarding app consent: