Configuring Pre-consent (Native App for Graph API)

Configure pre-consent for the native app that you created for the Graph API:

1. On a machine having Microsoft Online Services Sign-in Assistant (64-bit version) and Windows Azure Active Directory Module for Windows PowerShell (version 1.1.166.0) installed, open a Windows PowerShell command prompt session.

2. Run the following command:

   Connect-MsolService

   You will then be prompted for your credentials. Log in using the credentials of the user with the Global Admin permissions in your CSP account’s Azure Active Directory.

3. Run the following command:

   Get-MsolGroup | Where-Object {$_.DisplayName -like "AdminAgents"}

   From the command output, write down the Object ID of the AdminAgents group.

4. Run the following command:

   Get-MsolServicePrincipal | Where-Object {$_.AppPrincipalId -like "APP_ID_OF_NATIVE_APP_FOR_GRAPH_API"}

   From the command output, write down the Object ID of the native app.

5. Run the following command:

   Add-MsolGroupMember -GroupObjectId OBJECT_ID_OF_ADMIN_AGENT_GROUP -GroupMemberType ServicePrincipal -GroupMemberObjectId OBJECT_ID_OF_NATIVE_APP_FOR_GRAPH_API