Configuring Pre-consent (Native App for Graph API)

Configure pre-consent for the native app that you created for the Graph API:

1. Prepare the Object ID of the native app:

   1. Log in to the Azure Management Portal. To log in, you can use the respective link provided in Helpful Links.
   2. In the left-hand navigation pane, choose More services and click App registrations.
   3. On the App registrations blade, click on the native app intended for the Graph API. Note that you can find the native app by using its App ID.
   4. On the blade of the native app, copy and write down the Object ID of the native app.
2. On a machine having Azure Active Directory PowerShell Module Version 2 installed, open a Windows PowerShell command prompt session.

3. Run the following command to connect to the Azure Active Directory:

   Connect-AzureAD -AzureEnvironmentName "AzureCloud"

   You will then be prompted for your credentials. Click Work or School Account and log in using the credentials of the user with the Global Admin permissions in your CSP account’s Azure Active Directory.

4. Modify the PowerShell script given below by specifying the Object ID of the native app intended for the Graph API.

   #Specify the Application Object Id of the Native App

   $appObjectId = 'APPLICATION-OBJECT-ID-HERE'

   Set-AzureADApplication -ObjectId $appObjectId -AvailableToOtherTenants $true

   $azureADApp = Get-AzureADApplication -ObjectId $appObjectId

   #Get the Service Principal for the Application object

   $servicePrincipal = Get-AzureADServicePrincipal -All $true | ? {$_.AppId -eq $azureADApp.AppId}

   #Get the Admin Agents Group object

   $adminAgentsGroup = Get-AzureADGroup -All $true | ? {$_.DisplayName -eq 'AdminAgents'}

   #Run the below command to add preconsent for the application

   Add-AzureADGroupMember -ObjectId $adminAgentsGroup.ObjectId -RefObjectId $servicePrincipal.ObjectId

5. Execute the modified script to configure pre-consent for the native app.