I have completed all of the prescribed tasks to create an App registration in the customers tenant. The app has been granted the following permissions (all showing "Granted"):
Azure Active Directory Graph: --> Directory.AccessAsUser.All | Delegated | Access the directory as the signed-in user --> Directory.Read.All | Application | Read directory data --> User.Read | Delegated | Sign in and read user profile Microsoft Graph: --> Directory.Read.All | Application | Read directory data --> SecurityEvents.Read.All | Application | Read your organization's security events Microsoft Partner Center: --> user_impersonation | Delegated | Access Partner Center
I successfully obtained the refresh token and, subsequently, an access token. I can successfully connect to the customers Teams using Connect-MicrosoftTeams which returns the correct Account, Environment, Tenant, TenantId, and TenantDomain.
The PowerShell script is running on a Server 2016 server hosted in our Azure tenant.
Using get-teams, I get no errors, but get null returned. The account used in Connect-MicrosoftTeams is an account in the customer's tenant with Global admin and Teams service admin roles. Yet, I can't even see a Teams team that I am the owner of.