This is a spiritual successor to an older post. Say you have an Enterprise Application in your Azure AD tenant. It is from a different tenant (i.e. not something you added to your tenant via App Registrations and granted permissions etc.) and the first time it was setup it asked for specific permissions that you consented to. Now they want additional permisisons.
If this were an App Registration based on, you could have added the permissions in the App Registration and done a consent. Or you could try and login to the app the same way an end-user would do and consent it there. Or you could just following Microsoft’s steps to do an admin consent. Those steps are can be found in this official document. Here’s all you need to do:
1. Open a browser
2. Go to https://login.microsoftonline.com/<tenantId>/v2.0/adminconsent?client_id=<applicationId>&state=12345&scope=<space separated list of permissions>.
Replace tenantId, applicationId, and permissions in the Url above… and that’s it. You’ll get the admin consent prompt in the browser and you can approve.
The official instructions also give the redirect_uri but I found that that is not required. In fact using localhost like in those instructions don’t work either as complains that this is not a valid Reply Url for the application.