search

Azure-Samples / active-directory-dotnet-graphapi-web

A .NET 4.5 MVC web app that demonstrates how to query the Azure AD Graph API using the Azure AD Graph Client Library
82 stars 68 forks source link

Admin Consent version? #46

Open mhomol opened 7 years ago

mhomol commented 7 years ago

Does anyone know what a modified version of this would look like that would do the Admin consent prompt from Azure for Restricted Scopes? That would be incredibly valuable in this sample.

VitorX commented 7 years ago

If we are developing an single-tenant and register the app from the Azure portal or Azure classic portal, there is no need to use the admin consent. When we register the app, the admin consent already be granted.

And if you want to use the admin consent in any web app supports Katana, we can add this parameter using the code below:

Notifications = new OpenIdConnectAuthenticationNotifications()
{
          RedirectToIdentityProvider= context => {
                     context.ProtocolMessage.Prompt = "admin_consent";
                      return Task.FromResult(0);
          }
}