cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Teams tab: Authentication to call Graph API

diegoSpace
Brass Contributor

‎Jan 21 2020 08:17 AM - edited ‎Jan 21 2020 08:18 AM

‎Jan 21 2020 08:17 AM - edited ‎Jan 21 2020 08:18 AM

Teams tab: Authentication to call Graph API

Hi,
I have a Teams app with a bot (node js) and tabs (personal & channel, html/js).

 

I have read that an OAuth2 authorization process is required to call Graph API (for instance, to get all Teams users), with a +- complex mechanism including a popup window for the user to enter credentials.


But I found a way to call Graph API without using user credentials, but using the app credentials (appId & appPasword) I have in my bot code:

 

1. Ask for a Token (POST request): https://login.microsoftonline.com/{tenandId}/oauth2/v2.0/token
Header: 'Content-Type': 'application/x-www-form-urlencoded'
Body: 'client_id={appId}&client_secret={appPasword}&scope=https%3A%2F%2Fgraph.microsoft.com%2F.default&grant_type=client_credentials'


2. Use this token to call Graph API (GET request): https://graph.microsoft.com/v1.0/users
Header: 'Authorization': {TOKEN}

 

With that I have all the users (or another data from Graph API) without credentials step, since {tenantid}, {appId} and {appPassword} are values I already know

 

Is this correct? Must I implement the OAuth2 process?

 

Thanks,
Diego Doñate

Labels:
2,347 Views
0 Likes
4 Replies
Reply
4 Replies
Gousia_Begum

‎Jan 21 2020 10:39 PM

‎Jan 21 2020 10:39 PM

Re: Teams tab: Authentication to call Graph API

@diegoSpace 

1. If you want to fetch the list of users in a team you can directly use the bot context for that, you do not need to do a graph API call for that.

2. Yes, you could use this method when your app has application permissions. Getting access token without a user requires the admin of your tenant to give a one-time consent to your application. Your application can then do the graph api calls, it is permitted to, without the user.

0 Likes
Reply
diegoSpace

‎Jan 21 2020 11:56 PM - edited ‎Jan 22 2020 04:16 AM

‎Jan 21 2020 11:56 PM - edited ‎Jan 22 2020 04:16 AM

Re: Teams tab: Authentication to call Graph API

@Gousia_Begum 

Thanks for your response. I changed from 'ActivityHandler' to 'TeamsActivityHandler' and I get the members of the chat where I receive a message.

But it is possible in the bot using TeamsInfo with the context of the incoming message, isn't it? Can I get all the users of Teams client from the bot without this received message? I need to list all Teams users in my tab page. Now I get the list calling the Graph API from bot code, when I receive a custom request from tab code.

Where can I find TeamsInfo docu?

 

And another doubt, can I get the Teams userId and the chat Idin tab context? About the userId, I can only see the 'userObjectId', which is the Azure user id. About the chatId, there is a value in tab context but it is empty...

 

I would need to know these values in my tab page, to call my bot code and do things with them... In my bot I manage users with the Teams userId, and I need it for instance to create a new one2one chat ('connectorClient.conversations.createConversation(...)').

 

Thanks,
Diego

0 Likes
Reply
Gousia_Begum

‎Jan 29 2020 10:02 PM

‎Jan 29 2020 10:02 PM

Re: Teams tab: Authentication to call Graph API

@diegoSpace In order to get the list of users in a team inside a tab, you will need to make a Graph API call from the tab. Tab context does not allow you to fetch the details of all the members in a team. Please refer this document to see what are the different values tab context has. 

0 Likes
Reply
diegoSpace

‎Jan 31 2020 08:31 AM

‎Jan 31 2020 08:31 AM

Re: Teams tab: Authentication to call Graph API

@Gousia_Begum Thanks

0 Likes
Reply