Ensure the admin consent workflow is enabled
Why This Matters
Without the admin consent workflow enabled, users may be blocked from accessing legitimate applications that require admin approval, or they may bypass security controls by self-granting permissions. This creates a security gap where unauthorized applications could gain access to your organization's data. Enabling the workflow centralizes application approval under designated administrators, reducing the risk of malicious app installations.
What Aether365 Checks
Aether365 verifies that the admin consent workflow is enabled in your Microsoft Entra ID tenant. This check appears in the Aether365 dashboard under the Entra ID identity and application security section.