Skip to main content
Solved

Admin approval for Sharepoint Online connector


I am IT manager and have followed guide to register new app in azure with recommended Graph and SP permissions, also granted on behalf of the org but for some reason all users are still getting this needs admin approval and it is driving me bonkers, Please can someone assist me. We are using FME 2020.2, Single Tenant and the guide i have carefully followed is here How to Create a SharePoint Web Connection for FME Form [Single Tenant] (safe.com)

 

As i am admin, the connector works fine for me with the new registered app ID and other specifics but just none else,

Best answer by kailinatsafe

mickhougthon20 wrote:

Thanks for your quick response but this has not helped, After clearning cache and testing with a test account i get' network error interaction required'

Hello @mickhougthon20​, sorry we didn't have any luck there. Would you be able to try  "&prompt=login" in the authorization URL. Please feel free to update me again if the issue persists, hopefully this will satisfy the required interaction! Best, Kailin.

View original
Did this help you find an answer to your question?

12 replies

kailinatsafe
Safer
Forum|alt.badge.img+21

Hello @mickhougthon20​ , thanks for posting! Can you try editing the Authorization URL in your sharepoint web service? Please try changing "&prompt=consent" to "&prompt=none". imageYou can also try simply removing "&prompt=consent" from the authrozation URL entirely (it should work)! Let me know if you're still having issues! Best, Kailin


kailinatsafe wrote:

Hello @mickhougthon20​ , thanks for posting! Can you try editing the Authorization URL in your sharepoint web service? Please try changing "&prompt=consent" to "&prompt=none". imageYou can also try simply removing "&prompt=consent" from the authrozation URL entirely (it should work)! Let me know if you're still having issues! Best, Kailin

Thanks for your quick response but this has not helped, After clearning cache and testing with a test account i get' network error interaction required'


kailinatsafe
Safer
Forum|alt.badge.img+21
  • Safer
  • Best Answer
  • July 28, 2023
mickhougthon20 wrote:

Thanks for your quick response but this has not helped, After clearning cache and testing with a test account i get' network error interaction required'

Hello @mickhougthon20​, sorry we didn't have any luck there. Would you be able to try  "&prompt=login" in the authorization URL. Please feel free to update me again if the issue persists, hopefully this will satisfy the required interaction! Best, Kailin.


mickhougthon20 wrote:

Thanks for your quick response but this has not helped, After clearning cache and testing with a test account i get' network error interaction required'

This has worked on my test account but i will have to see on Monday how it effects the real users. Its looking positive so far so thanks for this. Will let you know if this fixes the problem so it can maybe documented on the website for others in the FAQ :)


mickhougthon20 wrote:

Thanks for your quick response but this has not helped, After clearning cache and testing with a test account i get' network error interaction required'

Thank you so much this has been confirmed as workjng across our tenant now, :)


kailinatsafe
Safer
Forum|alt.badge.img+21
mickhougthon20 wrote:

Thanks for your quick response but this has not helped, After clearning cache and testing with a test account i get' network error interaction required'

Thank you for the update @mickhougthon20​, glad we got it working! Kailin.


mickhougthon20 wrote:

Thanks for your quick response but this has not helped, After clearning cache and testing with a test account i get' network error interaction required'

Thank you, I will try it.

 

 

 

 

 

 

 

Thank you, I will try it. First of all, Ensure that the app registration has been granted consent by an admin in your organization. One of my friends is searching for a writing service. Here you can find important sources of assignments by seeing reviews, exposing both its advantageous features and potential drawbacks. From diverse services to intermittent delays, they present an unbiased evaluation to aid your choice. This is the best platform for students.


angwan
Contributor
Forum|alt.badge.img+6
  • Contributor
  • August 18, 2023

Hi @kailinatsafe, I've similar problem as @mickhoughton20, as a user, I cant go through, the prompt to request admin approval keeps popping up. But when the it manager logs in as himself in the prompt, it is success. We also wonder where the request emails go to.


nampreetatsafe
Safer
Forum|alt.badge.img+12

@angwan​  Can you please confirm that you have verified that you have you have the correct &prompt value for your Authorization URL for your Sharepoint configuration: https://learn.microsoft.com/en-us/azure/active-directory/develop/v2-oauth2-implicit-grant-flow#send-the-sign-in-request

image001In the Microsoft Graph API authorization URL, the "prompt" parameter is used to specify whether the user should be prompted to sign in or to consent to the requested permissions.  Consider removing &prompt=consent from the authorization url, or change to &prompt=none. The following options are available for the "prompt" parameter:

  • "login": The user will be prompted to sign in, even if they have already signed in before.
  • "consent": The user will be prompted to consent to the requested permissions, even if they have already consented before.
  • "select_account": The user will be prompted to select an account to sign in with, and then they will be prompted to consent to the requested permissions.
  • "none": The user will not be prompted to sign in or consent, and the authentication request will fail if the user is not already signed in and has not already consented to the requested permissions. This option is only recommended if you are sure that the user has already signed in and has already consented to the requested permissions.

By default, if the "prompt" parameter is not specified, the user will be prompted to sign in and consent to the requested permissions if necessary. We've had users who have overcome this by setting the "prompt" to one of the options above as well (i.e. &prompt=select_account). Let us know if you have any luck.


angwan
Contributor
Forum|alt.badge.img+6
  • Contributor
  • August 23, 2023
nampreetatsafe wrote:

@angwan​  Can you please confirm that you have verified that you have you have the correct &prompt value for your Authorization URL for your Sharepoint configuration: https://learn.microsoft.com/en-us/azure/active-directory/develop/v2-oauth2-implicit-grant-flow#send-the-sign-in-request

image001In the Microsoft Graph API authorization URL, the "prompt" parameter is used to specify whether the user should be prompted to sign in or to consent to the requested permissions.  Consider removing &prompt=consent from the authorization url, or change to &prompt=none. The following options are available for the "prompt" parameter:

  • "login": The user will be prompted to sign in, even if they have already signed in before.
  • "consent": The user will be prompted to consent to the requested permissions, even if they have already consented before.
  • "select_account": The user will be prompted to select an account to sign in with, and then they will be prompted to consent to the requested permissions.
  • "none": The user will not be prompted to sign in or consent, and the authentication request will fail if the user is not already signed in and has not already consented to the requested permissions. This option is only recommended if you are sure that the user has already signed in and has already consented to the requested permissions.

By default, if the "prompt" parameter is not specified, the user will be prompted to sign in and consent to the requested permissions if necessary. We've had users who have overcome this by setting the "prompt" to one of the options above as well (i.e. &prompt=select_account). Let us know if you have any luck.

Hi @nampreetatsafe ,

Thanks for the suggestion. I've tried all the options before, and the pop up still asks request for admin approval as a user(see attached).But for IT manager who is an admin,it works fine. Still, we've not traced where the email request gets delivered to. The IT manager, cant see any of the requests.imagecheers


angwan wrote:

Hi @nampreetatsafe ,

Thanks for the suggestion. I've tried all the options before, and the pop up still asks request for admin approval as a user(see attached).But for IT manager who is an admin,it works fine. Still, we've not traced where the email request gets delivered to. The IT manager, cant see any of the requests.imagecheers

mute Kind regards, Mick Houghton IT Manager | Balfour Beatty VINCI South Drive | Coleshill Manor Campus | B46 1DL M: 07805 800 437 | E: Mick.Houghton@BalfourBeattyVinci.com | LinkedIn<http://www.linkedin.com/in/mickhoughton> [A picture containing text, font, screenshot, line Description automatically generated] Reporting IT Incidents, IT Requests & FAQ's<https://bbvjv.sharepoint.com/sites/TechnologyandData/SitePages/ITSupport.aspx> - Need further help; ITSupport@balfourbeattyvinci.com

angwan
Contributor
Forum|alt.badge.img+6
  • Contributor
  • September 19, 2023

-@nampreetatsafe​ It now works. SharePoint Global admin receives email for approval. The approve consent request once granted, close the app and ready to use it with the app set to '&prompt=consent'

Cheers

 


Cookie policy

We use cookies to enhance and personalize your experience. If you accept you agree to our full cookie policy. Learn more about our cookies.

 
Cookie settings