[GH-ISSUE #4414] [Bug]: Standard Require admin consent for applications (Prevent OAuth phishing) not applying properly #2014

New issue

Closed

opened 2026-03-02 13:48:56 +03:00 by kerem · 3 comments

kerem commented 2026-03-02 13:48:56 +03:00

Owner

Copy link

Originally created by @TUCU-KOConnor on GitHub (Jul 9, 2025).
Original GitHub issue: https://github.com/KelvinTegelaar/CIPP/issues/4414

Required confirmations before submitting

• I can reproduce this issue on the latest released versions of both CIPP and CIPP-API.
• I have searched existing issues (both open and closed) to avoid duplicates.
• I am not requesting general support; this is an actual bug report.

Issue Description

I am unable to get this standard working, it seems to also allow an app though it mentions nothing about this in the description. The log shows the standard is applied, but always lists it as non-compliant.

Manual Settings Report result:

Automatic Remediation result:

Confirmation that the CIPP profile was applied in Entra:

Some additional findings related to the issue I am experiencing:
https://exigence.com.au/cipp-vulnerability-finding-a-third-party-risk-story/

Environment Type

Sponsored (paying) user

Front End Version

8.1.1

Back End Version

8.1.1

Relevant Logs / Stack Trace

Originally created by @TUCU-KOConnor on GitHub (Jul 9, 2025). Original GitHub issue: https://github.com/KelvinTegelaar/CIPP/issues/4414 ### Required confirmations before submitting - [x] **I can reproduce this issue on the latest released versions** of both CIPP and CIPP-API. - [x] **I have searched existing issues** (both open and closed) to avoid duplicates. - [x] I am **not** requesting general support; this is an actual bug report. ### Issue Description I am unable to get this standard working, it seems to also allow an app though it mentions nothing about this in the description. The log shows the standard is applied, but always lists it as non-compliant. Manual Settings Report result: <img width="2249" height="290" alt="Image" src="https://github.com/user-attachments/assets/4cf3b0e9-b1d4-4a7e-9518-1b7df274816e" /> Automatic Remediation result: <img width="2249" height="294" alt="Image" src="https://github.com/user-attachments/assets/74ef2410-6333-479f-9e23-282f5675e684" /> Confirmation that the CIPP profile was applied in Entra: <img width="1112" height="432" alt="Image" src="https://github.com/user-attachments/assets/661763c2-d549-457c-bc83-18cffb342149" /> Some additional findings related to the issue I am experiencing: https://exigence.com.au/cipp-vulnerability-finding-a-third-party-risk-story/ ### Environment Type Sponsored (paying) user ### Front End Version 8.1.1 ### Back End Version 8.1.1 ### Relevant Logs / Stack Trace ```plaintext ```

kerem 2026-03-02 13:48:56 +03:00

• closed this issue
• added the
  bug
  unconfirmed-by-user
  not-assigned
  labels

kerem commented 2026-03-02 13:48:57 +03:00

Author

Owner

Copy link

@github-actions[bot] commented on GitHub (Jul 9, 2025):

Thank you for reporting a potential bug. If you would like to work on this bug, please comment:

I would like to work on this please!

Thank you for helping us maintain the project!

<!-- gh-comment-id:3053357663 --> @github-actions[bot] commented on GitHub (Jul 9, 2025): Thank you for reporting a potential bug. If you would like to work on this bug, please comment: > I would like to work on this please! Thank you for helping us maintain the project!

kerem commented 2026-03-02 13:48:57 +03:00

Author

Owner

Copy link

@KelvinTegelaar commented on GitHub (Jul 9, 2025):

!support

<!-- gh-comment-id:3053437166 --> @KelvinTegelaar commented on GitHub (Jul 9, 2025): !support

kerem commented 2026-03-02 13:48:57 +03:00

Author

Owner

Copy link

@github-actions[bot] commented on GitHub (Jul 9, 2025):

Hello,

Thank you for reaching out! This report has been classified as a support request rather than a bug or feature request. To keep our development process focused, support requests are limited to paying users. This policy allows us to prioritize resources for those actively supporting CIPP, helping us maintain high-quality development and support.

Sponsors can contact our helpdesk directly via email for assistance with any issues or questions. For non-sponsor support, please refer to our documentation and community discussions—many questions have been answered there.

Did you get this notification in error? Reply with a screenshot of your sponsorship payment, and we’ll gladly reopen the request.

Thank you for your understanding,
The CIPP Team

<!-- gh-comment-id:3053437678 --> @github-actions[bot] commented on GitHub (Jul 9, 2025): Hello, Thank you for reaching out! This report has been classified as a **support request** rather than a bug or feature request. To keep our development process focused, support requests are limited to paying users. This policy allows us to prioritize resources for those actively supporting CIPP, helping us maintain high-quality development and support. Sponsors can contact our helpdesk directly via email for assistance with any issues or questions. For non-sponsor support, please refer to our documentation and community discussions—many questions have been answered there. **Did you get this notification in error?** Reply with a screenshot of your sponsorship payment, and we’ll gladly reopen the request. _Thank you for your understanding,_ **The CIPP Team**

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

main

dev

docs

dependabot/npm_and_yarn/dev/uiw/react-json-view-2.0.0-alpha.42

dependabot/npm_and_yarn/dev/tanstack/react-query-persist-client-5.96.2

dependabot/npm_and_yarn/dev/mui-tiptap-1.30.0

dependabot/npm_and_yarn/dev/tanstack/react-query-devtools-5.96.2

dependabot/npm_and_yarn/dev/recharts-3.8.1

dependabot/github_actions/dev/actions/setup-node-6.4.0

copilot/add-alert-for-report-only-ca

release/beta

release/nightly

docs-maintenance

v10.4.0

v10.3.0

v10.2.0

v10.1.0

v10.0.0

v8.8.0

v8.7.0

v8.6.0

v8.5.0

v8.4.0

v8.3.0

v8.2.0

v8.1.0

v8.0.0

v7.5.0

v7.4.0

v7.3.0

v7.2.0

v7.1.0

v7.0.1

v6.4.0

v6.3.0

v6.2.0

v6.1.0

v6.0.0

v5.9.0

v5.8.5

v5.8.0

v5.7.0

v5.6.0

v5.5.0

v5.4.0

v5.3.0

v5.2.0

v5.1.0

v5.0.0

v4.9.0

v4.8.0

v4.7.0

v.4.6.0

v4.5.0

v4.4.0

v4.3.0

v4.2.0

v4.1.0

v4.0.0

v3.8.0

v3.7.0

v3.6.0

v3.5.0

v3.4.0

v3.3.0

v3.2.0

v3.1.0

v3.0.0

v2.20.0

v2.19.0

v2.18.0

v2.17.0

v2.16.0

v2.15.0

v2.13.0

v2.12.0

v2.11.2

v2.1.11.0

v.2.10.0

v2.9.0

v2.8.0

v2.7.0

v2.6.0

v2.5.5

v2.5.0

v2.4.0

v.2.3.0

v2.2.0

v2.1.2

v2.1.1

v2.1.0

v2.0.1

2.0.0

v1.5.1

v1.5.0

v1.4.3

v1.4.2

v1.4.0

v1.3.0

v1.2.1

v1.2.0

1.1.0

release

Labels

Clear labels   

API

  

Feature

  

NotABug

  

NotABug

  

Planned

  

Sponsor Priority

  

Sponsor Priority

  

bug

  

documentation

  

duplicate

  

enhancement

  

needs more info

  

no-activity

  

no-priority

  

not-assigned

  

pull-request

Mirrored from GitHub Pull Request

  

react-conversion

  

react-conversion

  

roadmap

  

security

  

stale

  

unconfirmed-by-user

  

unconfirmed-by-user

  

wontfix

No labels

API

Feature

NotABug

NotABug

Planned

Sponsor Priority

Sponsor Priority

bug

documentation

duplicate

enhancement

needs more info

no-activity

no-priority

not-assigned

pull-request

react-conversion

react-conversion

roadmap

security

stale

unconfirmed-by-user

unconfirmed-by-user

wontfix

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

starred/CIPP#2014

No description provided.