iOS中的Azure AD身份验证

Question

I build an iOS application, am trying to authenticate against Azure AD 2.0.

My web API gives me proper data when I send a valid token after Azure AD authentication.

I am trying to use ADAL:

https://docs.microsoft.com/en-us/azure/active-directory/develop/active-directory-integrating-applications

Am I doing it right? If I am able to get a valid auth token, how would I ensure everytime that the token is valid and I done need to ask credentials to user?

I am following this link step by step, Unfortunately I get into error after entering my credentials - Need Admin Approval yourapp needs permission to access resources in your organization that only an admin can grant. Please ask an admin to grant permission to this app before you can use it

have an admin account ? Sign in with that account

return to the application without granting consent

request id: XXX correlation id: xxx timestamp: xxx Message: AADSTS90094: is requesting permission which you are not authorized to grant. Contact your adinistrator, who can grant permissions to this application on your behalf

Advanced diagonistics: Enable If you plan on getting support to this issue, turn this on and try to reproduce the error. this will collect additional information that will help troubleshoot the issue. ideally it should display the concent page, as per the link... what steps am i missing ?

Answer 1

Try using your global administrator account (ie the onmicrosoft.com account) that was used when your tenant was first created. A regular admin may not work for this.

The user needs to be assigned global admin access to the application itself. Please post a screenshot of the user permissions in your portal.