You can currently use the aad app add command to create Azure AD app registrations and define both delegate and application scoped permissions to be used, however, if you configure a scope that requires admin consent to be granted, you must manually log into the Azure Portal and consent manually before the permission can be used.
I propose that we add a new option to the command named --grantAdminConsent that when present, will automatically grant consent for the permissions passed in via the --apisDelegated and --apisApplication options, thus removing the manual consent step.
The below comment in the Azure CLI repo provides insight into how this is achieved using the Azure CLI for delegate permissions and REST API for application permissions.
Azure/azure-cli#12137 (comment)
You can currently use the
aad app addcommand to create Azure AD app registrations and define both delegate and application scoped permissions to be used, however, if you configure a scope that requires admin consent to be granted, you must manually log into the Azure Portal and consent manually before the permission can be used.I propose that we add a new option to the command named
--grantAdminConsentthat when present, will automatically grant consent for the permissions passed in via the--apisDelegatedand--apisApplicationoptions, thus removing the manual consent step.The below comment in the Azure CLI repo provides insight into how this is achieved using the Azure CLI for delegate permissions and REST API for application permissions.
Azure/azure-cli#12137 (comment)