![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(233.6, 14.000000000000002%, 32%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EEL%3C/text%3E%3C/svg%3E)
Microsoft Security | Microsoft Graph
An API that connects multiple Microsoft services, enabling data access and automation across platforms
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(67.2, 94%, 16%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ELT%3C/text%3E%3C/svg%3E)
Hello,
For your issue, when application permissions are granted via consent, they are normally visible in the access token, but I have already seen a delay of up to 24 hours before the permissions appear. Do you have the issue after waiting some hours ?
For your information, application permissions can be assigned with "ADMIN CONSENT" or with "APPRBAC". When permissions are assigned using APPRBAC, they do not appear in the token. Since the number of scoping associated with permissions granted via consent is limited, many large companies are now using APPRBAC for application permissions. In this case, the ROLES field in the token will be empty. Please be very careful, as you may encounter situations where the roles field is empty even though the permissions are correctly configured.
Regards,
Lionel