On attempting to recover to Azure, the user encounters a warning at the point of authentication: “This app may be risky. If you trust this app, please ask your admin to grant you access.”
This happens when the user attempting the recovery does not have the application administrator role assigned.
The Azure administrator will need to assign this role to the user attempting the recovery by following these steps:
1. Log into the Azure Portal and go to Azure Active Directory.
2. Under Users, choose the user you want to assign the role to (in this case LabDomainAdmin).
3. Go to Assigned roles in the sidebar, then click on Add assignments.
4. Select Application administrator and click Add.
The role should then be assigned to the relevant user, and they should be able to deploy the Azure Mobility application to your Azure tenant.