Bug Report: OAuth Flow prompt Parameter Should Be Configurable
Describe the bug
In the current OAuth flow, the prompt parameter is hardcoded to consent.
This should instead be configurable and taken as input from the user (or application context).
Reason: Some permissions are granted at the application level, while individual users may not have those permissions. In such cases, users are unnecessarily redirected to the consent page. Ideally, they should be silently authenticated (prompt=none) when possible to ensure a smoother authentication experience.
To Reproduce
Steps to reproduce the behavior:
- Create an SPN on Microsoft Azure and set up an OAuth flow for SharePoint.
- Grant
Sites.Read.All permission from the Admin account to the application (Application Permission, not Delegated Permission).
- As a normal user, try using this Agent with the SharePoint Connector.
- The user is asked for admin access each time, because
prompt=consent is appended to the URL.
Expected behavior
-
The prompt query parameter should be configurable when setting up authentication for the tool.
-
Since this value is hardcoded in AuthHandler, scenarios like the one described become difficult to handle.
-
Expected behavior:
- Allow silent authentication (
prompt=none) when possible.
- Redirect to consent screen only if explicitly required.
Desktop (please complete the following information):
- OS: macOS
- Python version: 3.13.3
- ADK version: 1.15.0
Model Information
- Using LiteLLM: No
- Model: gemini-2.5-flash
Additional context
-
If prompt=none is set manually, the following error occurs:
Auth Code not found
-
The parsing of the Auth Code returns null. While the code can be parsed from the URL, there may be a cleaner and more reliable way to handle this.
✅ Proposed Fix:
- Make the
prompt parameter configurable in AuthHandler.
- Provide options like
consent, none, login based on user/application context.
- Ensure Auth Code parsing works correctly even when
prompt=none is used.
Bug Report: OAuth Flow
promptParameter Should Be ConfigurableDescribe the bug
In the current OAuth flow, the
promptparameter is hardcoded toconsent.This should instead be configurable and taken as input from the user (or application context).
Reason: Some permissions are granted at the application level, while individual users may not have those permissions. In such cases, users are unnecessarily redirected to the consent page. Ideally, they should be silently authenticated (
prompt=none) when possible to ensure a smoother authentication experience.To Reproduce
Steps to reproduce the behavior:
Sites.Read.Allpermission from the Admin account to the application (Application Permission, not Delegated Permission).prompt=consentis appended to the URL.Expected behavior
The
promptquery parameter should be configurable when setting up authentication for the tool.Since this value is hardcoded in
AuthHandler, scenarios like the one described become difficult to handle.Expected behavior:
prompt=none) when possible.Desktop (please complete the following information):
Model Information
Additional context
If
prompt=noneis set manually, the following error occurs:The parsing of the Auth Code returns
null. While the code can be parsed from the URL, there may be a cleaner and more reliable way to handle this.✅ Proposed Fix:
promptparameter configurable inAuthHandler.consent,none,loginbased on user/application context.prompt=noneis used.