Grant admin cosent for API permission of the app

[dene14]

Hello! I'm trying to automate application creation in AzureAD. Most of the things I can do in the code, but after code is provisioned I still have to go into AzureAD webconsole -> Application -> API permissions and do ClickOps to grant admin consent.

How can I automate this action?

Thank you

[CoreyLivingston]

It depends on the permission type.

For delegated permissions, take a look at service_principal_delegated_permission_grant https://registry.terraform.io/providers/hashicorp/azuread/latest/docs/resources/service_principal_delegated_permission_grant

For application permissions, you'll want an app_role_assignment https://registry.terraform.io/providers/hashicorp/azuread/latest/docs/resources/app_role_assignment

In each case, you'll need to associate them with the service principal.

[manicminer]

hi @dene14, thanks for opening this issue.

Using the resources linked to by @CoreyLivingston, you are able to grant admin consent for either a delegated permission or an app role.

We use GitHub issues for tracking feature requests and bugs in the Azure provider, and to maintain focus on that we instead ask that broader questions are raised using our Community Resources. Accordingly I'm going to close this issue, but I believe you should be able to get further assistance on the community discussion portal.