Bug? Consent web site does not show name of Entra ID application about microsoft-authentication-library-for-dotnet HOT 4 CLOSED

I will open a ticket.

Thanks for you fast support!

from microsoft-authentication-library-for-dotnet.

@GruberMarkus can you please share the code you are writing for this? For consent, are you talking about the first time a user logs in? Do you have a screenshot?

from microsoft-authentication-library-for-dotnet.

There is even no code neccessary. It is enough to open one of the two consent links I shared:

• https://login.microsoftonline.com/organizations/adminconsent?client_id=beea8249-8c98-4c76-92f6-ce3c468a61e6
• https://login.microsoftonline.com/organizations/v2.0/adminconsent?client_id=beea8249-8c98-4c76-92f6-ce3c468a61e6&scope=.default

I could break it down a bit further:

• All information I expect is shown when the link is opened by an account having the permissions to grant admin consent.
• When the link is opened by an account that does not have the permissions to grant admin consent, the logo and the name of the verified Microsoft Partner is shown, but not the name of the application. I would also expect to see the Terms of Service URL and the Privacy State URL, but they are missing, too.

In the attached screenshot, you can see that the "Need admin consent" web site does not show the name of the application.

I am quite sure that this is not an MSAL problem. Maybe you know a solution, or can tell me where I can report this problem?

from microsoft-authentication-library-for-dotnet.

You can use the Azure Portal to open a support ticket with Microsoft. The support team will get it to the service team if they cannot find a solution.

The web UI experience, including the authorization screens, is owned by the Identity Provider (Entra ID). Not by the SDK.

The main question here is - is this a regression? Did this ever work ?

I do not know the experience that well, but the "Terms and Conditions" should definitely appear in one of the authorization pages, there is even a CA policy to enforce it - https://learn.microsoft.com/en-us/entra/identity/conditional-access/terms-of-use
I think the name of app is shown on the first screen, on the "App XYZ wants you to login. Enter your username below".

Also, the name of the app in a public client application on Windows, Mac or Linux is not a reliable indicator. This is because on public client the app identity cannot be enforced by the OS. It's just a client ID and a redirect URI, both of them public pieces of information. Visual Studio's client ID is definitely reused by many apps.

from microsoft-authentication-library-for-dotnet.