Multi-tenant server-to-server authentication - User consent issue


I have followed this walkthrough to create a multi-tenant web application that can connect to Dynamics 365 CE Online. Walkthrough: Multi-tenant server-to-server authentication.

When I ran the app for the first time and tried to sign in to the Dynamics CRM, it asked me to provide consent, which I accepted. It then returned the error below:

Microsoft.IdentityModel.Clients.ActiveDirectory.AdalServiceException HResult=0x80131500 Message=AADSTS65001: The user or administrator has not consented to use the application with ID 'XXX' named 'MvcCrmStsWalkthrough'. Send an interactive authorization request for this user and resource.

On subsequent tries, it didn't ask for consent. However, it kept returning the aforementioned error.

What I have used for this POC

  • Dynamics CRM Online trial
  • Azure Active Directory service that was included by default with the CRM trial and was enough to perform application registration on Azure AD
  • Visual Studio 2017 community edition

What I have tried so far

  • In Azure AD I have already granted permission using the 'Grant Permission' button on the registered app Settings > Required Permissions (it seems accepting user consent through my custom app does the same)
  • Setting oauth2AllowImplicitFlow to true in the Azure AD app manifest
  • I verified that the O365 account that I am using to log in through the app has the Global Administrator directory role in the AD

Sample code

Exactly the same as mentioned in the walkthrough

asked on Stack Overflow Nov 20, 2018 by Khadim Ali • edited Nov 20, 2018 by Khadim Ali

0 Answers

Nobody has answered this question yet.


User contributions licensed under CC BY-SA 3.0