[英]AADSTS90093:Calling principal cannot consent due to lack of permissions in Azure Active directory
We have a requirement to integrate the Web application to Azure active directory Multi-tenant authentication. 我们需要将Web应用程序集成到Azure活动目录多租户身份验证。 We have changed the end point URL to " https://login.microsoftonline.com/common ".
我们已将端点URL更改为“ https://login.microsoftonline.com/common ”。 We tried to login to our application with our work email id.
我们尝试使用工作电子邮件ID登录到我们的应用程序。 We got the following Error.
我们收到以下错误。
Additional technical information: 其他技术信息:
Correlation ID: 72ec287c-XXXX-XXXX-XXXX-4bf49d167541 Timestamp: 2017-04-07 09:48:57Z AADSTS90093: Calling principal cannot consent due to lack of permissions. 相关ID:72ec287c-XXXX-XXXX-XXXX-4bf49d167541时间戳记:2017-04-07 09:48:57Z AADSTS90093:由于缺少权限,呼叫委托人无法同意。
We have find that we missed some permissions to our Application in AD.Could anyone please help us what kind of permissions need to provide. 我们发现我们错过了对AD中应用程序的某些权限。任何人都可以帮助我们提供什么样的权限。
Thanks in advance. 提前致谢。
The error is saying that the user who is logging in cannot give consent for the app. 错误是指正在登录的用户无法同意该应用程序。 When you log in from a tenant where the app is not yet consented, you must be an AAD admin.
当您从尚未同意该应用程序的租户登录时,您必须是AAD管理员。
This error indicates that the users are not able to give the consent to the app. 此错误表明用户无法同意该应用。
There are two permission level in Azure AD developing, one requires administrator's consent and the other doesn't. Azure AD开发中有两种权限级别,一种需要管理员的同意,而另一种则不需要。
If the app you were using was developed by your organization, you also can grant the permission via the Azure portal when it is register like figure below: 如果您使用的应用程序是由您的组织开发的,则当注册时,还可以通过Azure门户授予权限,如下图所示:
If the app was developed by other organization, please ensure the app also provide a way(maybe a separate button) to grant the consent for the organization. 如果该应用是由其他组织开发的,请确保该应用还提供了一种方式(可能是一个单独的按钮)来授予组织的同意。 Then you can notify the administrator to grant the permission for all organization.
然后,您可以通知管理员为所有组织授予权限。 More detail about the admin consent , you can refer this document .
有关管理员同意的更多详细信息,可以参考此文档 。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.