![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(22.400000000000002, 69%, 12%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERE%3C/text%3E%3C/svg%3E)
Microsoft Security | Microsoft Graph
An API that connects multiple Microsoft services, enabling data access and automation across platforms
The repeated consent prompts occur because some of the Microsoft Graph permissions configured for the app require admin consent and that consent has not yet been granted tenant‑wide.
In the screenshot, the following permissions show warnings and “Not granted for …” in the Status column:
- ChatMember.ReadWrite (Delegated)
- OnlineMeetingRecording.Read.All (Application)
- OnlineMeetings.Read.All (Application)
- OnlineMeetingTranscript.Read.All (Application)
When the app requests any of these scopes and they don’t have admin consent, the Microsoft identity platform keeps sending users through the consent experience.
To resolve:
- Sign in to the Microsoft Entra admin center as a Global Administrator or Cloud Application Administrator.
- Go to Entra ID → App registrations → select the app.
- Open API permissions.
- Verify that only the permissions actually needed by the app are listed. Remove any unused Graph permissions to avoid unnecessary consent prompts.
- For the remaining permissions that show a warning and “Not granted for …”, select Grant admin consent for <tenant> and confirm.
- After admin consent is granted, users will no longer see repeated consent prompts for those scopes.
If the app later adds new Graph permissions that require admin consent, repeat the same process to grant consent for the new scopes; otherwise users will again be prompted to consent.
References: