While using the UiPath Office365 Activity the following error message is thrown "MsalUiRequiredException AADSTS65001: The user or administrator has not consented to use the application with ID '{appId}' named '{appName}'. Send an interactive authorization request for this user and resource". How to resolve this?
The mentioned error message is displayed by Azure, because the user or administrator has not consented to use the application. The consent be done either statically (through the portal), or dynamically (but this requires an interaction with Azure AD, which is not possible with the username/password flow).
Statically: In the portal by doing the following in the “API permissions” tab of the application registration:
- Click "Add a permission" and add all the delegated permissions corresponding to the scopes needed (for instance User.Read and User.ReadBasic.All). Check for the permissions needed.
- Click "Grant/revoke admin consent for ") and click "yes".
Is very important who clicks that button:
- If the user that clicks that button is a regular user in Azure Active Directory only him/her will be able to use the application with those permissions *
- If the user that clicks that button is a Global Administrator in Azure Active Directory, everybody that is part of that AAD will be able use that application with those permissions.
Dynamically: Build the URL and navigate to a consent URL, like for example:
- https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id={clientId}&response_type=code&scope=user.read