You can adjust your user settings or API permissions to control how users authenticate against your application.

Need admin approval

If a user tries to authenticate against an application that has requires and has not been granted Admin consent, the user will be shown a screen that prompts them to continue without the permission or for an admin user to log in and grant the correct permission.

There are two ways an admin can give permissions:

1. Give Admin consent in the API permissions, then re-authenticate the user.
2. Create a new session and sign into the application as an admin user to grant permission.

User Settings

To control if users can authenticate themselves against the Nylas application or if an administrator needs to approve the application, you need to adjust your Enterprise Applications User Settings.

To adjust the Need Admin Approval:

1. Go to the Azure Active Directory admin center.
2. Go to Enterprise applications > User settings.
3. There are two settings that control the authentication for the user.
   1. Users can consent to apps accessing company data on their behalf
   2. Users can consent to app accessing company data for groups they own

Toggle both to yes if you want users to authenticate themselves or toggle both to no to require administrative permission.

API Admin Consent

For particular functionality, such as room resources, the API permissions Nylas requires need to be approved by an administrator. For example, the
Place.Read.All permission requires an administrator to grant approval.

To give Admin consent from the Azure Portal:

1. Go to your Azure Portal.
2. Navigate to the Enterprise Applications area and select the application that needs the permission.
3. Click on API Permissions.
4. Follow the on-screen steps to give Admin consent.