Default Settings - Consent Policy Settings - Users can request admin consent to apps they are unable to consent to
Why This Matters
When users can request admin consent for third-party applications, it introduces a significant risk of unauthorized data access. If a non-admin user initiates a consent request for a malicious app, the admin might approve it without fully vetting the application. This setting gives you control over whether such requests are allowed.
What Aether365 Checks
This check verifies that the "Users can request admin consent to apps they are unable to consent to" setting is enabled in your Microsoft Entra ID default consent policy. It appears in the Aether365 dashboard under the entra-id service checks.