Only show these results:

Admin Approval

You can adjust your user settings or API permissions to control how users authenticate against your application.

Need Admin Approval

If a user tries to authenticate against an application and an admin hasn't granted consent, they will see a screen that prompts them to either continue without permission or for an admin to log in and grant permission.

There are two ways an admin can give permissions:

  1. Give admin consent in the API permissions and re-authenticate the user.

    Adding Admin consent for users
  2. Create a new session and sign into the application as an admin user to grant permission.

Need admin approval

User Settings

To control if your users can authenticate themselves against the Nylas application or if an administrator needs to approve the application, you'll need to adjust your Enterprise Applications User Settings.

Verified App Publisher

As of November 20, 2020, Microsoft requires you to be a verified publisher, otherwise your users will be presented with an error screen. You'll need to complete the verification process before changing your user settings. Read more at Microsoft Publisher verification. Keep in mind that a verified publisher is not the same as a verified domain. You'll need to go through both steps.

To adjust the Need Admin Approval setting, follow the steps below:

  1. Navigate to the Azure Active Directory admin center.
  2. Click on Enterprise applications.
  3. Click on User settings.
  4. There are two settings that control the authentication for the user:
    1. Users can consent to apps accessing company data on their behalf
    2. Users can consent to app accessing company data for groups they own

Toggle both of the settings to Yes if you want your users to be able to authenticate themselves. If you want your users to require administrative permission, toggle both of the settings to No.

Enterprise applications settings to toggle both admin permissions to No.

For certain functionality, such as room resources, the API permissions that Nylas requires will need approval from an administrator. For example, the
Place.Read.All permission requires an administrator to grant approval.

To give Admin consent from the Azure Portal, follow the steps below:

  1. Navigate to the Enterprise Applications area and select the application that you want to configure.
  2. Click on API Permissions.
  3. Follow the on-screen steps to give Admin consent.
Azure Active Directory admin center Enterprise applications

Authorizing an App as an Administrator

This process lets you as an administrator authenticate users on their behalf. In some cases, users may not be able to authenticate without administrator or company permission. Use the options below to get approval from the mail administrator.

Send an Approval Request to the Mail Administrator

This process outlines the steps for the mail administrator to approve the account's authentication:

  1. Select the Request approval from the prompt. This notifies the mail administrator.
  2. The mail administrator receives an email notification that the user has requested approval.
  3. The mail administrator then logs in with an admin account on https://portal.azure.com/ or through the link in the approval request email.
  4. Navigate to Enterprise Application.
  5. Click on Admin consent requests. From here, the mail administrator can see all pending requests and can give consent to the user here.
  6. When the above steps are complete, the user can then restart the authentication process and connect the account to Nylas.

Contact the Mail Administrator

You can share the process below with the mail administrator for the account:

  1. The mail administrator can configure these settings on the Azure application. This lets users consent to the app without having to contact their admin.
  2. The mail administrator logs in to https://portal.azure.com/.
  3. Navigate to Enterprise Application.
  4. Click on User settings.
  5. Configure and allow the Users can request admin consent to apps they are unable to consent to option.
  6. Confirm these settings in consent and permissions.
  7. Navigate to Enterprise Application.
  8. Click on Consent and permissions.
  9. Click on User consent settings and configure the Allow user consent for apps option.
  10. When the above steps are complete, the user can then restart the authentication process and connect the account to Nylas.

Contact the Customer's Mail Administrator

To assist in finding the source for blocked access, you can give the following information to the customer's mail administrator:

  • Timestamp of the login attempt.
  • Email address of the account.