FortiSOAR Knowledge Base
FortiSOAR: Security Orchestration and Response software provides innovative case management, automation, and orchestration. It pulls together all of an organization's tools, helps unify operations, and reduce alert fatigue, context switching, and the mean time to respond to incidents.
calvinc97
Staff & Editor
Article Id 396890
Description: This article describes how to resolve the Microsoft Sentinel Connector Admin Consent Error in FortiSOAR.
Scope: FortiSOAR.
Solution:

When configuring the Microsoft Sentinel connector in FortiSOAR, the following error is observed during the Health Check:

 

Configuration Health Check Failed!

Response 400: Bad Request Error Message: AADSTS65001: The user or administrator has not consented to use the application with ID '0d417728-d94f-4eeb-96c9-66130bed5d95' named 'Sentinel incidents to FortiSOAR'

 

This indicates that admin consent has not been granted to the Microsoft Entra (Azure AD) application used by the connector.

 

The connector uses an Azure AD-registered application to retrieve incident data from Microsoft Sentinel. This application requires admin consent to access Microsoft Graph and Sentinel APIs. Without this consent, authorization fails during the health check.

 

Therefore, admin consent must be granted for the application ID in the Azure Portal.
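
The following Python helper is an added example, not part of the original article or of the connector's code. It extracts the application ID from the health-check error above and builds the Microsoft identity platform tenant-wide admin consent URL for it; the tenant value `contoso.onmicrosoft.com` is a placeholder assumption.

```python
import re
from urllib.parse import urlencode

# Error text as shown in the FortiSOAR health check in this article.
SAMPLE_ERROR = (
    "Response 400: Bad Request Error Message: AADSTS65001: The user or "
    "administrator has not consented to use the application with ID "
    "'0d417728-d94f-4eeb-96c9-66130bed5d95' named 'Sentinel incidents to FortiSOAR'"
)

AADSTS_RE = re.compile(r"\b(AADSTS\d+)\b")
APP_RE = re.compile(
    r"application with ID "
    r"'(?P<app_id>[0-9a-fA-F]{8}(?:-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12})'"
    r"(?: named '(?P<name>[^']*)')?"
)


def parse_consent_error(message):
    """Return code, app_id and name for an AADSTS65001 error, else None."""
    code = AADSTS_RE.search(message)
    app = APP_RE.search(message)
    # Only the missing-consent code is handled; other AADSTS errors need other fixes.
    if not code or code.group(1) != "AADSTS65001" or not app:
        return None
    return {
        "code": code.group(1),
        "app_id": app.group("app_id").lower(),
        "name": app.group("name"),
    }


def admin_consent_url(tenant, app_id):
    """Build the admin consent URL for one application in one tenant."""
    # The tenant is a tenant GUID or verified domain; reject anything else
    # so the value cannot alter the URL path.
    if not re.fullmatch(r"[A-Za-z0-9.\-]+", tenant):
        raise ValueError("tenant must be a tenant GUID or verified domain")
    query = urlencode({"client_id": app_id})
    return f"https://login.microsoftonline.com/{tenant}/adminconsent?{query}"


if __name__ == "__main__":
    info = parse_consent_error(SAMPLE_ERROR)
    # "contoso.onmicrosoft.com" is a placeholder tenant (assumption).
    print(info["name"], "->", admin_consent_url("contoso.onmicrosoft.com", info["app_id"]))
```

The URL must be opened by an administrator who is allowed to grant tenant-wide consent. Before accepting, compare the application name and the permissions on the consent prompt with what the connector is expected to need.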

 

Once admin consent is granted:

  • Go back to the FortiSOAR GUI.
  • Open the Microsoft Sentinel connector configuration.
  • Select 'Health Check' again to verify that the error is resolved.