Contact UsContact Us

Read&Write For Mac Needs Admin Approval When Signing In

Last Modified on Tuesday, 26-Nov-2024 09:11:22 GMT
Note: This article applies to organizations using Federated Identification such as ADFS (Active Directory Federation Services)

Some organizations may choose to control the use of enterprise applications in Office 365 by restricting the ability for users to consent to third-party multi-tenant applications accessing user profile data in Azure Active Directory. 

The default Azure AD configuration allows user consent out-of-the-box, but this can be restricted from Azure Active Directory -> User Settings in the Azure Administration portal. 

Azure AD Settings page

If application consent is restricted, users (with the exception of Office 365 Global Administrators) will not be able to sign-in to Read&Write. The following error message will appear when a student or any non-admin attempts to sign-in:

"Need admin approval -- Texthelp Ltd needs permission to access resources in your organization that only an admin can grant. Please ask an admin to grant permission to this app before you can use it."

Given this configuration, two things may be done to allow users to access the Read&Write application:

1   (Optional) Users or groups may be assigned access to the Read&Write application

  • Navigate to Azure Admin Settings -> Azure Active Directory -> Enterprise Applications -> All Applications -> Read&Write.

  • Select Users and Groups -> Add User/Group. 

This article from Microsoft also details the process. 

2   A Global Administrator must give consent on behalf of users

  • Using an administrator account to sign-in to Office 365, the Administrator will need to copy the link below, replacing {tenant} with either the Primary domain or Tenant ID of their Azure Active Directory.

For Read&Write Mac v7.3 and above:

https://login.microsoftonline.com/{tenant}/v2.0/adminconsent?client_id=14d66fd9-3098-4e0f-8721-a35a3785d895&scope=https://graph.microsoft.com/User.Read%20https://graph.microsoft.com/email%20https://graph.microsoft.com/openid%20https://graph.microsoft.com/profile&redirect_uri=https://idp.texthelp.com/federation/microsoft/signin&state=Uj_DTXNI8_nBWrcuYrUtKm-p85dArJfnYRAxPqMpTkfkFT6na2JHHu2v6IHwE67xE9tUv8XEg5f90WFPgGJhUGwohDebnrfGsIiGJirXlEOIFG111_6hl3HeyTYJzksYZqU4Ucm75kNEZSUaIjAsugB2tqhXaL4ojEBj6MWacPAffa5wVBfoVkKUjiU5F9xksrHTCEE0G9shsrT_9Wb5kgPOK4YrrRilqj5Okxrl5A8zei5aFoS0wQrGWhGdw26-uPsXG4myLK6aeoi2dy-4TOin7trfRcImmyU1dhwgitE

If you also have Read&Write for Windows, please see our Windows support article here for the Windows link to use.

  • You will be prompted to consent for the read permissions that the Read&Write application needs
    This information can be found in Azure Portal, in the Overview section of Azure Active Directory.
     

  • After consenting, you'll be directed to the Read&Write login page https://idp.texthelp.com. Please allow a short period of time for the Read&Write Application to be added to your catalog.

After completing these steps, non-admin users should be able to access!

Related Articles

Was this article helpful?
Thank you for your feedback!
Still need help? Contact us here
Copyright © 2023 Texthelp Ltd. All rights reserved.