[policyrecordingbot] permission needs to be consented by tenant admin for MS Graph API - giving an error

[Manojb86]

Hi,

How do you guys give the admin consent permission for access MS graph API (Calls.AccessMedia.All and Calls.JoinGroupCall.All)? If can give the steps to achieve that, that would be really great.

When I try all ways this URL "https://login.microsoftonline.com/common/adminconsent?client_id=&state=12345&redirect_uri=https://token.botframework.com/.auth/web/redirect" throw me error as shown below.

I followed method mention in the below link as well, is it the correct way to add the admin consent to the policy bot? Add authentication to a bot: https://docs.microsoft.com/en-us/azure/bot-service/bot-builder-authentication?view=azure-bot-service-4.0&tabs=aadv2%2Ccsharp#azure-ad-identity-service

[brandonteran]

@Manojb86 Do you have admin privileges for the tenant? If you do, you can do the following:

Go to your AAD app and add the following to your Manifest file:

Save the Manifest changes and go to this url (change YOUR_APP_ID_HERE to whatever your App ID is): https://login.microsoftonline.com/common/oauth2/authorize?response_type=code&client_id=YOUR_APP_ID_HERE&redirect_uri=http://localhost&prompt=admin_consent

Sign in with your admin account, and click accept. If it works, you should get a "localhost refused to connect error". Take a look at the url. The code= parameter will contain your auth token.

[Manojb86]

thank you for your reply. I solved my issue by granting admin consent from API permission. For that need to have admin privileges in the relevant tenant.