I am trying to use the https://learn.microsoft.com/en-us/graph/api/userteamwork-sendactivitynotification with Application permission (TeamsActivity.Send).The API works as expected if the token was created with a Single-tenant authority URL (authorityHost+'/'+tenantId). However, I am unable to make it work with a multitenant authority URL (authorityHost+'/common'). I tried 3 options - https://learn.microsoft.com/en-us/microsoftteams/platform/toolkit/teamsfx-sdk#supported-functions - Used createMicrosoftGraphClientWithCredential with AppCredentialTenantId is automatically appended to authorityUrl. No way to specify '/common'https://github.com/microsoftgraph/msgraph-sdk-javascript/blob/607bf2044e20f8adb396a65bf4fbfb40e29f3fcf/docs/TokenCredentialAuthenticationProvider.md: Used ClientSecretCredential from the azure/identity library. Same result. No way to specify '/common' in the authorityUrl. The https://learn.microsoft.com/en-us/javascript/api/%40azure/identity/clientsecretcredentialoptions?view=azure-node-latest#@azure-identity-clientsecretcredentialoptions-additionallyallowedtenants property made no difference.https://github.com/AzureAD/microsoft-authentication-library-for-js/blob/dev/lib/msal-node/docs/initialize-confidential-client-application.md#initializing-the-confidentialclientapplication-object: Used ConfidentialClientApplication with acquireTokenByClientCredentialGot the following error - ClientAuthError: missing_tenant_id_error: A tenant id - not common, organizations, or consumers - must be specified when using the client_credentials flow.

Copper Contributor

Oct 31, 2023

Solved

Send Activity Notification with Application permission doesn't support Multi-Tenancy

I am trying to use the https://learn.microsoft.com/en-us/graph/api/userteamwork-sendactivitynotification with Application permission (TeamsActivity.Send).

The API works as expected if the token was created with a Single-tenant authority URL (authorityHost+'/'+tenantId).

However, I am unable to make it work with a multitenant authority URL (authorityHost+'/common').

I tried 3 options -

https://learn.microsoft.com/en-us/microsoftteams/platform/toolkit/teamsfx-sdk#supported-functions - Used createMicrosoftGraphClientWithCredential with AppCredential
- TenantId is automatically appended to authorityUrl. No way to specify '/common'
https://github.com/microsoftgraph/msgraph-sdk-javascript/blob/607bf2044e20f8adb396a65bf4fbfb40e29f3fcf/docs/TokenCredentialAuthenticationProvider.md: Used ClientSecretCredential from the azure/identity library.
- Same result. No way to specify '/common' in the authorityUrl. The https://learn.microsoft.com/en-us/javascript/api/%40azure/identity/clientsecretcredentialoptions?view=azure-node-latest#@azure-identity-clientsecretcredentialoptions-additionallyallowedtenants property made no difference.
https://github.com/AzureAD/microsoft-authentication-library-for-js/blob/dev/lib/msal-node/docs/initialize-confidential-client-application.md#initializing-the-confidentialclientapplication-object: Used ConfidentialClientApplication with acquireTokenByClientCredential
- Got the following error -
  ClientAuthError: missing_tenant_id_error: A tenant id - not common, organizations, or consumers - must be specified when using the client_credentials flow.

developer

microsoft teams

Forum Discussion

Send Activity Notification with Application permission doesn't support Multi-Tenancy

3 Replies

Resources