We have developed a native app and a web API under the same AD (not a multi-tenant solution), and configured the apps as per the documentation - docs.microsoft.com/en-us/azure/active-directory/develop/quickstart-configure-app-access-web-apis
The client application needs to access the web API as the signed-in user (delegated permissions), but we are still getting the error admin permission required when trying to sign in; screenshot attached.
The only permission in the native app is AAD -> user.read
webapi -> user_impersonation
and they clearly state that admin consent is not required.