authenticateUserWithMicrosoft problem due to custom parameter prompt=consent
Opened this issue · 0 comments
Version 16.4.0
When using authenticateUserWithMicrosoft, prompt=consent is always added.
This blocks users from authenticate if the orginization doesn't allow non-admin users to consent wish to make admin consent for the Entreprise Application.
This approach is used more and more for higher security level in Azure AD.
When a admin has granted consent for all users (or group of users) for the App, adding prompt=consent causes the app to always prompt for user consent even when the admin already have made the consent.
Please see:
https://stackoverflow.com/questions/60111863/azure-active-directory-needs-admin-approval-after-setting-prompt-consent for a in dept description.
The best approach in the senario would be to allow prompt parameter to be controlled when calling authenticateUserWithMicrosoft
In FirebasePlugin.java the parameter is added in line 2296: customParameters.put("prompt", "consent");
In FirebasePlugin.m the parameter is added in line 1057: [customParameters setValue:@"consent" forKey:@"prompt"];