Tags: azure, active-directory, single-page-application, multi-tenant

Unauthorized text shown on page when redirected to my application after granting admin consent to new tenant


I have two tenants, t1 and t2. On t1, when the admin of t2 logs in, it asks for admin consent at this URL:

https://login.microsoftonline.com/{tenant}/v2.0/adminconsent?client_id=6731de76-14a6-49ae-97bc-6eba6914391e&scope=https://graph.microsoft.com/Calendars.Read https://graph.microsoft.com/Mail.Send&redirect_uri=http://localhost/myapp/permissions

Admin login is successful, the permissions are granted, and under ENTERPRISE APPLICATIONS of t2 the t1 app is created.

When the user is redirected back to my application page on the URL below, it says Unauthorized!!!

http://localhost/myapp/permissions?admin_consent=True&tenant=fa00d692-e9c7-4460-a743-29f2956fd429&scope=https://graph.microsoft.com/Calendars.Read https://graph.microsoft.com/Mail.Send

If I remove the scopes from this URL, it hits my single page without the Unauthorized error and works fine.
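The consent URL and the redirect from the question, handled end to end in an added Python example (not the asker's code): it encodes the space-separated scopes when building the admin-consent URL, and on the callback checks a state value, an error response, the admin_consent flag, the tenant GUID and which requested scopes were granted. The client_id, scopes and tenant GUID are the ones in the question; the state value and both redirect samples are constructed.

```python
# Added example, not the asker's code.  client_id, scopes and tenant GUID are from
# the question; the state value and the two redirect samples are constructed.
import uuid
from urllib.parse import parse_qs, quote, urlencode, urlsplit

AUTHORITY = "https://login.microsoftonline.com"
CLIENT_ID = "6731de76-14a6-49ae-97bc-6eba6914391e"
REDIRECT_URI = "http://localhost/myapp/permissions"
REQUESTED = ["https://graph.microsoft.com/Calendars.Read",
             "https://graph.microsoft.com/Mail.Send"]


def build_admin_consent_url(tenant, client_id, scopes, redirect_uri, state):
    """Scopes go in one space-separated `scope` value; quote() encodes the
    space as %20 so the two permissions cannot run together as in the
    question's URL.  `state` ties the redirect back to this request."""
    query = urlencode({"client_id": client_id, "scope": " ".join(scopes),
                       "redirect_uri": redirect_uri, "state": state},
                      quote_via=quote)
    return f"{AUTHORITY}/{tenant}/v2.0/adminconsent?{query}"


def parse_admin_consent_redirect(url, expected_state, requested_scopes):
    """Validate the callback before trusting admin_consent, tenant or scope."""
    q = parse_qs(urlsplit(url).query, keep_blank_values=True)
    first = lambda key: q.get(key, [None])[0]
    if first("state") != expected_state:
        return {"ok": False, "error": "state mismatch: not a redirect we requested"}
    if first("error"):  # admin declined or the request was malformed
        return {"ok": False, "error": f"{first('error')}: {first('error_description')}"}
    if first("admin_consent") != "True":
        return {"ok": False, "error": "admin_consent flag absent or not True"}
    tenant = first("tenant")
    try:
        uuid.UUID(tenant)  # the tenant must be a GUID, never free text
    except (TypeError, ValueError):
        return {"ok": False, "error": f"tenant is not a GUID: {tenant!r}"}
    granted = set((first("scope") or "").split())  # space-separated list
    missing = sorted(set(requested_scopes) - granted)
    return {"ok": True, "tenant": tenant, "granted": sorted(granted), "missing": missing}


# Constructed redirects modelled on the one in the question, plus a state value.
SAMPLE_OK = (REDIRECT_URI + "?admin_consent=True&tenant=fa00d692-e9c7-4460-a743-29f2956fd429"
             "&scope=https%3A%2F%2Fgraph.microsoft.com%2FCalendars.Read%20"
             "https%3A%2F%2Fgraph.microsoft.com%2FMail.Send&state=req-42")
SAMPLE_DENIED = REDIRECT_URI + "?error=access_denied&error_description=declined&state=req-42"
```

Call `parse_admin_consent_redirect(SAMPLE_OK, "req-42", REQUESTED)` to see the granted tenant and scopes, and pass a different state to see the redirect rejected.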


Solution

  • We have tried the same, to achieve it on our end, and it works.

    We have created 2 tenants from our admin site.


    Created an Enterprise application by registering an application under Tenant-A, providing the below permissions for that application for users, and granting admin consent as well.


    Now, we need to configure Tenant-B. To give scope and access to the other tenant, or to add a guest user and send an invitation so that it can be accessible, we can send the invitation and accept it by using the admin credentials of the other tenant as mentioned in the given MS DOC. Or, to give admin access to Tenant-B, we can add it as follows: Go to your Azure Active Directory (Contoso) > Users > Invite users. After sending the invitation, in some time the tenant we added will be shown as below.

    As shown above, the invited user already appears. From there, click on the invited user and add the assignments. Then from there we can give Application Administrator access to that tenant (Tenant-B). So the application will be accessible once we approve the request for the verified account when logging in for the first time.


    For the error (Unauthorized), please make sure that you have added Calendars.ReadWrite for the users and granted admin consent as well.

    For more information, please refer to the links below for similar issues: