Medium severityauthentication
Power BI Error:
AADSTS90095, Request Access Sent
What does this error mean?
User attempted to grant consent to an app that requires admin approval and was redirected to request access from a tenant administrator.
Common causes
- 1App requests admin-only permissions (e.g. application permissions or high-privilege delegated scopes like Directory.ReadWrite.All) that block user consent
- 2Tenant has 'Users can consent to apps' disabled or restricted to verified publishers/low-impact permissions only
- 3Admin Consent Workflow is enabled and the app is not pre-approved, so every new user triggers a request
- 4Service principal for the app does not yet exist in the tenant and provisioning requires admin consent
- 5Permissions on the app registration were expanded after initial consent, invalidating the previous user consent grant
How to fix it
- 1As a tenant admin, open Microsoft Entra admin center → Identity → Applications → Enterprise applications → Admin consent requests, locate the pending request for this app and Approve it
- 2Alternatively, grant tenant-wide admin consent directly: Enterprise applications → select the app → Permissions → 'Grant admin consent for <tenant>'
- 3Review the requested API permissions on the app registration and remove any scopes that aren't actually needed — over-scoped apps will keep triggering this prompt
- 4If this is a trusted internal/Microsoft app (e.g. Power BI Service, Fabric, ADF managed identity), pre-consent it for all users so end-users skip the interrupt
- 5Verify user consent settings under Identity → Enterprise applications → Consent and permissions match your governance policy (allow for verified publishers + low-impact, or fully disabled with workflow)