What is user / admin consent?

Valotalive applications that integrate with Microsoft’s business applications (such as Power BI, PowerPoint or others.) use OAuth to securely connect Valotalive with them. OAuth requires user consent to read the app’s data.

Usually companies govern OAuth app consent in Azure AD.

Typically the authentication process requires the admin to approve the Enterprise application first, before the user can authenticate.

The authentication procedure can vary depending on your organization policies for governing the OAuth app consent in Azure AD.

There can be either 1. The user initiated procedure or 2. Admin initiated procedure for authentication. We will cover both below.

The user, who already has a Valotalive account, begins to activate a Microsoft related app in Valotalive. One of the first steps they run into is the authentication as shown below (activating Power BI app as an example).

When clicking the AUTHORIZE button to authorize Valotalive with the selected Microsoft account, the user might run into the following prompt stating that the admin review is needed.

You can send your admin a request for the review here. Type in comments as justification for the application to let the admin know what the app is for:
​

Note! You may also be prompted Need admin approval.

In this situation the Azure Admin in your company needs to consent requests on the Azure site. By setting up the request process the AD user can make the request as shown above.

Read more from Learn.microsoft.com site:

a) Enable the admin consent workflow

b) Configure how users consent to applications

​

The Azure AD admin is then notified about the request via email as shown in this example:

​

Once the admin clicks the Review request button, they will be taken to the Azure AD Admin Consent Requests page. They can view the permissions that the app is using and consent by clicking the Review permissions and consent button.

User is notified and can proceed.

After the user is notified about the admin consent via email, they can now proceed and authorize the application in Valotalive.

​

The admin initiated procedure can begin in Azure AD by searching for the specific Valotalive application.

Azure AD Gallery (link) is the place where third party integrations are listed and managed.

Navigate to the Azure Active Directory
--> Enterprise Applications and click + New Application to access Azure AD Gallery
​

To locate Valotalive applications in the Azure AD App Gallery search for Valotalive and you’ll find the needed applications.

​

Click the application in question to open its information page and click the blue button to follow to the Valotalive login page.
​

Click Create an account if you do not have an account before. The Azure AD admin account is needed only for the admin to grant admin consent.
​

Once the account is created, login and navigate to the dashboard. Choose the appropriate App by clicking that particular app icon.
​

Continue by clicking Choose this app

Click Authorize

You will be taken to the Microsoft login window.

Note! Make sure you are not logged into Microsoft applications with any other credentials on your browser in other tabs.
​

Important → Sign in with your Azure AD Admin account credentials.

You will be prompted with Permissions requested as follows.

IMPORTANT! While doing so please check the box Consent on behalf of your organization to make sure additional users are allowed to authenticate this application as well.

You will be prompted with Authorization successful in Valotalive.

This is now done and you log out from Valotalive.

Other users can now go ahead and start activating the app that has the admin consent now.

Read more about what consent the Company's Azure Admin has to grant on the Microsoft site: