Admin Consent for Advanced API Access
Office 365 Admin Consent for Advanced API access
When setting up an Office 365 (O365) app instance, some apps require Okta to have unique access to Office 365 tenants and their users’ information for a successful sign in to their chiclets. The O365 Admin consent for Advanced API Access feature is an optional setting that allows admins to complete the consent flow with O365, a step required for signing into these special O365 chiclets using OAuth based sign on.
The following apps require this admin consent for Advanced API access:
Grant Admin Consent for the First Time
To allow for API access
Note: Only Global Administrator level admins can grant these permissions.
Note: If the Allow administrator to consent for Advanced API access check box remains checked, but the steps to grant consent from Microsoft are not completed after saving, an error message appears.
If this error message appears, you can either complete the process or uncheck the Allow administrator to consent for Advanced API access check box.
After initial Granting of Admin Consent
Re-authenticate Admin Consent
Re-authentication is required when a new app link requiring OAuth authentication is checked by the admin on the General tab. When an Office 365 app instance is already in use and access has been granted before, the Allow administrator to consent for Advanced API access check box will be checked, but the button displays as Re-authentication with Microsoft Office 365.