How-to: Qlik Automate connectors to Microsoft Office 365 require Admin Consent

MarkGeurtsen — Thu, 24 Jul 2025 10:33:08 GMT

In Qlik Automate when trying to connect a connector of the Microsoft Office 365 suite, some users will experience the following message during the authentication flow:

This error can show up for the Microsoft Teams, Microsoft OneDrive, Microsoft SharePoint and Microsoft Excel connectors and depends on your Office 365 tenant. This article explains different methods on how to allow users to make a connector from Qlik Automate.

When an Azure admin navigates to the Consent and Permissions page inside Enterprise Applications, the following will be visible:

Admin Consent Request Workflow

If the option Do not allow user consent is selected, the only way to get the Microsoft connectors in Qlik Automate working is by enabling the Admin Consent Request workflow. To do this, the admin needs to navigate to Admin consent settings and enable the request box and assign reviewers for each request justification:

When a user now creates a connection, they will be asked to provide a justification. This request will be sent to the Azure Administrators of the tenant:

When this request is submitted, the reviewers of the request should now see the request:

The reviewer can review the request which takes the reviewer to the consent screen with the option to allow access for the organization. This will install an enterprise application in the Azure tenant of the user.

Classifying low impact permissions

An alternative option is if the Azure tenant selected the option Allow User Consent from verified publishers for selected permissions.

When this option is chosen, an Azure administrator of the tenant can head to the Permission Classifications page:

The following scopes will have to be classified as low impact for the different connectors:

Microsoft Teams	Microsoft SharePoint	Microsoft OneDrive	Microsoft Excel	Microsoft Outlook
User.Read	User.Read	User.Read	User.Read	User.Read
offline_access	offline_access	offline_access	offline_access	offline_access
profile	Files.Read.All	Files.ReadWrite.All	Files.ReadWrite.All	Mail.Send
openid	Files.ReadWrite.All
email	Sites.Read.All
Team.ReadBasic.All	Sites.Manage.All
ChannelMessage.Send	Sites.ReadWrite.All
Channel.ReadBasic.All

Microsoft Teams/SharePoint ( with admin consent )

This connector will always require admin consent and these scopes cannot be classified as being low impact.

Re: How-to: Qlik Application Automation connectors to Office 365 require Admin Consent

Harsha-Lodha — Fri, 28 Mar 2025 18:25:28 GMT

Hello, Some people from my team were able to connect but others are facing issue shown in picture above. I think we all have the same Azure permissions. Could there be any other issue?

Re: How-to: Qlik Application Automation connectors to Office 365 require Admin Consent

Harsha-Lodha — Fri, 28 Mar 2025 18:27:14 GMT

Hey @MarkGeurtsen Hello, Some people from my team were able to connect but others are facing issue shown in picture above. I think we all have the same Azure permissions. Could there be any other issue? #urgent #qlikconnection

article How-to: Qlik Automate connectors to Microsoft Office 365 require Admin Consent in Official Support Articles

How-to: Qlik Automate connectors to Microsoft Office 365 require Admin Consent

Admin Consent Request Workflow

Classifying low impact permissions

Re: How-to: Qlik Application Automation connectors to Office 365 require Admin Consent

Re: How-to: Qlik Application Automation connectors to Office 365 require Admin Consent