We started having this problem shortly after we started using DYN365O Update 3. Our code worked for a while then one day in mid-January stopped working. The following error happens when our code tries to connect:
Response Code (1004) {"error":"AADSTS65001: The user or administrator has not consented to use the application with ID '<APPID>'. Send an interactive authorization request for this user and resource.\r\nTrace ID: d1775f71-ac60-4d12-ace5-39b52452a5c7\r\nCorrelation ID: 38e3b5c6-52c2-4ea9-9ad1-67230e246b40\r\nTimestamp: 2017-01-29 21:42:43Z"}
I was able to use the code here (github.com/.../Dynamics-AX-Integration) to recreate the problem.
1. When pointing to our Update 2 (August Update) DYN365O instance everything works perfectly.
2. Changing the URI to point to Update3 we begin to see these errors.
I have searched the internet and I have done everything suggested including:
1. Setting oauth2AllowImplicitFlow = true in the manifest for the Azure App.
2. Under permissions for the APP in AAD I have used the Grant Permissions to "grant permissions for all accounts in the directory".
3. Altering the call to AcquireTokenAsync to include "prompt=admin_consent". I am presented with the prompt screen but even after entering the AAD admin userid/password I get the same error.
a. Tried other users.
4. Verified that the user in DYN365O (under System Administration >> Users) is identical in both our Update 2 and Update 3 instances.