When using authenticateUserWithMicrosoft, prompt=consent is always added.
This blocks users from authenticate if the orginization doesn't allow non-admin users to consent wish to make admin consent for the Entreprise Application.
This approach is used more and more for higher security level in Azure AD.
When a admin has granted consent for all users (or group of users) for the App, adding prompt=consent causes the app to always prompt for user consent even when the admin already have made the consent.
The best approach in the senario would be to allow prompt parameter to be controlled when calling authenticateUserWithMicrosoft
In FirebasePlugin.java the parameter is added in line 2296: customParameters.put("prompt", "consent");
In FirebasePlugin.m the parameter is added in line 1057: [customParameters setValue:@"consent" forKey:@"prompt"];
Version 16.4.0
When using authenticateUserWithMicrosoft, prompt=consent is always added.
This blocks users from authenticate if the orginization doesn't allow non-admin users to consent wish to make admin consent for the Entreprise Application.
This approach is used more and more for higher security level in Azure AD.
When a admin has granted consent for all users (or group of users) for the App, adding prompt=consent causes the app to always prompt for user consent even when the admin already have made the consent.
Please see:
https://stackoverflow.com/questions/60111863/azure-active-directory-needs-admin-approval-after-setting-prompt-consent for a in dept description.
The best approach in the senario would be to allow prompt parameter to be controlled when calling authenticateUserWithMicrosoft
In FirebasePlugin.java the parameter is added in line 2296: customParameters.put("prompt", "consent"); In FirebasePlugin.m the parameter is added in line 1057: [customParameters setValue:@"consent" forKey:@"prompt"];