Search code examples
azureopc-uaindustrialazure-industrial-iot

Azure Industrial IoT Platform web app needs permission to access resources in your organization that only an admin can grant

I'm trying to deploy the platform using deploy.ps1 and it seems to work, but I cannot login to the engineering tool web app. I get the following message:

my-test-iiot needs permission to access resources in your organization that only an admin can grant. Please ask an admin to grant permission to this app before you can use it.

What should I do?

Solution

  • The issue is related to the application registrations in Azure Active Directory that are needed to authenticate. Basically we recommend three different options:

    1. Contact your IT- or AAD-Admin and ask for the process to get admin consent for your application. This would allow your app to use the corporate AAD for authentication.
    2. We provide a script called aad-register.ps1 that the AAD-Admin can execute to create the necessary application registrations and grant consent automatically.
    3. Create your own AAD or AAD B2C, this would give you the necessary rights and is the quickest solution for a PoC or test environment.

    See Deploying Azure Industrial IoT Platform and dependencies for more information.