I’m building a console app that needs to interact with an Azure AD API. When I try to set up the permissions, I hit a snag. In the ‘Add permissions’ section, the ‘Application permissions’ option is grayed out. I can only pick ‘Delegated permissions’.
This doesn’t make sense to me. My app runs in the background without user login, so ‘Application permissions’ seems like the right choice. The help text even says it’s for apps that run as background services or daemons.
On the other hand, ‘Delegated permissions’ are for apps that need API access as the logged-in user. That’s not what I’m doing.
Does anyone know why ‘Application permissions’ is unavailable? Is there a setting I’m missing or a requirement I haven’t met? I’m stumped and could use some guidance on how to proceed with my console app’s API permissions.
I’ve dealt with this before in my projects. The issue often stems from the app registration’s configuration. Make sure you’ve set the correct token authentication in Azure AD. Navigate to your app registration, then to ‘Manifest’. Look for the ‘accessTokenAcceptedVersion’ property and set it to 2 if it’s not already. This enables modern authentication protocols which are required for application permissions.
Also, verify that you’ve assigned the necessary roles to your application. Go to ‘API permissions’, click ‘Add a permission’, choose the API you need, and then select ‘Application permissions’. After adding the permissions, don’t forget to grant admin consent.
If these steps don’t resolve the issue, you might need to recreate your app registration. Sometimes, legacy settings can interfere with newer permission models.
hey mate, i had the same issue. check ur app type in azure portal. if it’s set as ‘web’, switch it to ‘public client/native’. that should unlock the application permissions option for ya. took me ages to figure this out lol. good luck!
I’ve encountered this issue before, and it can be frustrating. The reason you’re seeing ‘Application permissions’ grayed out is likely because your app registration isn’t set up correctly in Azure AD.
To fix this, go to your app registration in the Azure portal. Under ‘Authentication’, make sure you’ve selected ‘Yes’ for the option ‘Allow public client flows’. This enables your app to use the client credentials flow, which is necessary for application permissions.
Also, double-check that you’ve set the correct application type. For a console app, it should be ‘Public client/native (mobile & desktop)’.
If these steps don’t work, you might need to create a new app registration from scratch. Sometimes, existing registrations can have quirks that prevent certain permissions from being available.
Lastly, ensure you’re using the correct API. Not all APIs support application permissions. If you’re still stuck, review the API documentation to confirm it allows for application-level access.