Forum Discussion
Solved
Teams won't talk to Azure Bot Messaging endpoint
The "Web Chat" channel works fine, but the "Microsoft Teams" doesn't. A few clues as to what might be going on... 1) If I point to an ngrok tunnel that goes directly to the https service (haproxy...
nexus-steve - these are the cipher suites that SMBA supports:
- TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
- TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
- TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
- TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
- TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
- TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
Thanks HunaidHanfee-MSFT - but yes, the endpoint is publicly available and the bot has both the Teams and Web Chat channels. What's more, the relevant Microsoft services must be seeing the relevant settings or we wouldn't be seeing the OPTIONS request at the endpoint.
Steve
Steve
As I understand from the question app is working when pointed to ngrok. You are facing problem when you are giving some other endpoint.
If you doing it locally make sure that bot is running and ngrok or other endpoint should point to the same port on which local bot is running.
Also, you should check on Teams web client and look console for errors. Please make sure that you have given the correct botId in the manifest.
Could you please share bot Id and timestamp when you faced this issue so that we can check at our end what is wrong?
If you doing it locally make sure that bot is running and ngrok or other endpoint should point to the same port on which local bot is running.
Also, you should check on Teams web client and look console for errors. Please make sure that you have given the correct botId in the manifest.
Could you please share bot Id and timestamp when you faced this issue so that we can check at our end what is wrong?
- Hi HunaidHanfee-MSFT
Indeed the app is working when pointed to an ngrok endpoint, but the ngrok tunnel is pointed directly (initiated from inside the service's VM) to the "live" socket - i.e. to the same endpoint. This might seem to indicate that there is a firewall or other infrastructure issue blocking Teams' access to the endpoint, but we've eliminated that possibility. We can see the Teams traffic in tcpdump captures, *and* we're capturing Teams CORS OPTIONS requests at the endpoint.
ngrok uses an Authorisation header so will overwrite whatever comes from Azure/Teams. This might be a clue to what's going on.
As you've suggested, I've brought up the Teams web client in a clean version of Firefox (no blockers etc) on a linux VM and, for sure, Angular is spitting out a bunch of errors. There is plenty of data the client is expecting, but not getting. e.g.
XML Parsing Error: no root element found
Location: https://presence.teams.microsoft.com/v1/me/reportmyactivity
You should know that we raised a ticket (Case #:27092020) for this issue. We were asked for, and provided, all manner of information and data from the the desktop app and the machine it was running on. I think we've established that the problem is how the Teams (or Azure Bot) server-side application is interacting with our endpoint - and not with either the desktop or web client.
The bot id is "ask-kaybot" The issue is continuous, but I'll make a couple more requests to it at the same time I post this reply so that you have a timestamp.
SteveHello stephenmdyoung,
Please have a look at this FAQ. It explain which specific URLs you need to allow-list in your corporate firewall.
Also could please share your bot GUID Id that you used while creating bot channel registration or used in manifest.Thanks for this HunaidHanfee-MSFT
The endpoint sits on an AWS VM - not behind a corporate firewall. No incoming hosts/IP addresses are blocked at this stage - only ports.
The ask-kaybot Microsoft App ID is ee4a1ffe-1d28-4d74-9aeb-e27f25d9acc0 - I hope this is the GUID you need.
