User Profile
saminc
Copper Contributor
Joined 11 months ago
User Widgets
Recent Discussions
Resource-specific consent not showing up in permission grants
I've got an Azure app registration, and a Teams application with a manifest that specifies that ID in the webApplicationInfo. I also have the following permissions specified in the manifest: I then hit "Publish" within https://dev.teams.microsoft.com/, and publish the app into my organisation, which I am fairly sure is a Microsoft 365 Developer tenant. Once I've approved the app and added it to Teams, I see the following permissions: I have a backend for my Teams app, and I'd like it to be able to create channels. I do this by using my app's ID and secret, and hitting the OAuth2 token endpoint for the developer tenant, with a scope of "https://graph.microsoft.com/.default". This gives me back a JWT token, that when I decode it using jwt.ms, has Group.Selected in the roles array. This all seems correct so far! When I then use that token to create a channel, I get the following error: Missing role permissions on the request. API requires one of 'Channel.Create, Teamwork.Migrate.All, Group.ReadWrite.All, Directory.ReadWrite.All, Channel.Create.Group'. Roles on the request 'TeamsAppInstallation.ReadWriteSelfForTeam.All, Group.Selected, TeamsAppInstallation.ReadForTeam.All'. Resource specific consent grants on the request ''. I would expect to be gettingChannel.Create.Group as a resource-specific consent grant. How can I find out why this isn't happening? I've been following this guide but when I use the Graph Explorer to callhttps://graph.microsoft.com/beta/teams/{team-id}/permissionGrantsfor the team I installed the app into, I get back an empty array. Hopefully someone can spot what I'm doing wrong.664Views1like5Comments
Groups
Recent Blog Articles
No content to show