Ensure the admin consent workflow is enabled

Why This Matters

Without the admin consent workflow enabled, users may inadvertently grant applications excessive permissions to your organization's data. This can lead to unauthorized access, data leaks, or malicious apps gaining persistent footholds. Enabling this workflow ensures that consent requests are routed to administrators for review and approval, giving you control over which apps can access your tenant.

What Aether365 Checks

Aether365 verifies that the admin consent workflow for applications is enabled in your Microsoft 365 tenant. This check appears in the Aether365 dashboard under microsoft-365 checks, specifically as CIS.M365.5.1.5.2.

How to Fix

To enable the admin consent workflow, follow these steps: