Getting Authorization_IdentityNotFound even after consent given

Copper Contributor

Hey everyone,

I am trying to call microsoft graph apis and So I am asking admin to give consent to the application for the requested graph apis permissions and I am doing that through `https://login.microsoftonline.com/${tenant_id}/adminconsent?client_id=${client_id}&state=${state}&re...}`.

 

Everything works fine when I am doing testing in my local or my own test tenant but for my customers I am facing issues

Here are the two issues
1. If I try to generate the token through this api `https://login.microsoftonline.com/${organization_id}/oauth2/v2.0/token` immediately (after redirect from microsoft) after the user consent I don't get roles attached to the token [image attached]. But If I generate token after 2-3 seconds I get 2 roles/permissions attached to the token and then after re-calling the above api after 8-9 seconds I get all the roles in the token that I have configured in azure app registration api permissions.

I have all the 8 app permissions and 0 delegated permissions
"TeamMember.Read.All",

"Channel.ReadBasic.All",

"TeamsAppInstallation.ReadWriteSelfForChat.All",

"User.Read.All",

"ChannelMember.Read.All",

"Team.ReadBasic.All",

"Organization.Read.All",

"Channel.Create",

"Chat.Create",

So tell me if the delay is expected behaviour and if it is then how much maximum delay we should expect and handle in our code.


2. For us when we test installing the app in our testing microsoft organization either it works without any delay or it just works after 10-20 seconds delay and I am able to call the graph apis because I got the roles attached to the token. But for our customers that is not even happening for them when I am generate the token after their consent I get no roles/permission attached to the token even after 2 days and when I am trying to call the api with the token (which has no roles array) then I am getting Authorization_IdentityNotFound error.


Please help me solve this issue and provide some clarification, you can try installing our app for testing, it is on microsoft teams app store. Basically when you will install the bot, the bot will ask you to give consent for graph apis because that is how I am fetching different details for my app to run correctly.

https://teams.microsoft.com/l/app/e3009852-fd9c-4a77-b00d-9605dded364e?source=app-details-dialog

1 Reply

@themashcodee2 I have the same question! Does anyone have an answer??