Issue with Teams RSC Permission TeamMember.Read.Group
I want to use Teams RSC to allow a bot to add and remove members of (private) teams channels. https://learn.microsoft.com/en-us/microsoftteams/platform/graph-api/rsc/resource-specific-consent#supported-rsc-permissions the API scope ChannelMember.ReadWrite.Group is appropriate for that. -> "Read and write the members of this team's channels." I have created a teams app and added the RSC API application scope (ChannelMember.ReadWrite.Group) to the App manifest and published the app to my org. The app has the "team" scope. Then I installed the app in a team and tested the API access. I sign-in with the Application SP using app-only auth. What is working: I can read the members of a public channel in the team using: invoke-mggraphRequest -Uri https://graph.microsoft.com/v1.0/teams/[team id]/channels/[channel id]/members -Method Get I can also read the members of a shared channel in the team using the same request. What is not working: I cannot access a private channel in the team: The above request yields the response: "code":"Forbidden","message":"Caller does not have the required roles for accessing 'Private' channel data. To access 'Private' data, API requires one of 'ChannelMember.Read.All, ChannelMember.ReadWrite.All, Group.Read.All, Directory.Read.All, Group.ReadWrite.All, Directory.ReadWrite.All'. Roles on the request 'Group.Selected'." I cannot remove a member from a shared channel. The request: invoke-mggraphRequest -Uri https://graph.microsoft.com/v1.0/teams/[team id]/channels/[channel id]/members/[member id] -Method Delete yields the error: "code":"Forbidden","message":"Caller app is not enabled for requesting the channel of 'Shared' channel type. To access channel data app has to be enabled in the requesting channel." Has someone successfully used the RSC TeamMember.Read.Group in a shared or private channel? Why does the API not work in private channels and only for read in shared channel? The documentation says "of this team's channels", it does not mention any restriction to public channels. Also a write scope only to public channels does not make sense, as members of a public channel are inherited from the team and cannot be managed seperately. What do I need to do differently to be able to read and modify members of private and shared channels in a team using RSC permissions?
Microsoft Teams Bot OAuth login shows blank screen and closes without signing in
I’m building a Microsoft Teams bot using Azure AD OAuth (SSO) with Bot Framework. When I click Sign in, the OAuth popup in Teams shows a blank screen for a moment, then closes automatically without signing me in. What I’ve Done Added redirect URI in Azure App Registration: https://token.botframework.com/.auth/web/redirect Enabled Access tokens and ID tokens in App Registration → Authentication. Configured OAuth connection in Bot Channels Registration (ConnectionName matches my bot code). Verified client ID, client secret, and tenant ID are correct. Code bot.js require("dotenv").config(); const { TeamsActivityHandler } = require("botbuilder"); const { Client } = require("@microsoft/microsoft-graph-client"); const { DialogSet, DialogTurnStatus, OAuthPrompt, WaterfallDialog } = require("botbuilder-dialogs"); require("isomorphic-fetch"); const OAUTH_PROMPT = "OAuthPrompt"; const MAIN_DIALOG = "MainDialog"; class BotActivityHandler extends TeamsActivityHandler { constructor(conversationState, userState) { super(); this.conversationState = conversationState; this.userState = userState; this.dialogState = this.conversationState.createProperty("DialogState"); this.dialogs = new DialogSet(this.dialogState); // OAuthPrompt for Teams SSO this.dialogs.add( new OAuthPrompt(OAUTH_PROMPT, { connectionName: process.env.CONNECTION_NAME, text: "Please sign in to continue", title: "Sign In", timeout: 300000, }) ); this.dialogs.add( new WaterfallDialog(MAIN_DIALOG, [ this.promptStep.bind(this), this.handleFileStep.bind(this), ]) ); this.onMessage(async (context, next) => { const text = (context.activity.text || "").trim().toLowerCase(); const dialogCtx = await this.dialogs.createContext(context); if (text.startsWith("/")) { // ...handle commands... } else { const results = await dialogCtx.continueDialog(); if (results.status === DialogTurnStatus.empty) { if (context.activity.attachments?.length > 0) { await dialogCtx.beginDialog(MAIN_DIALOG, { file: context.activity.attachments[0], }); } else { await context.sendActivity("Upload a file or type /help."); } } } await next(); }); } async promptStep(stepContext) { return await stepContext.beginDialog(OAUTH_PROMPT); } async handleFileStep(stepContext) { const tokenResponse = stepContext.result; if (!tokenResponse?.token) { await stepContext.context.sendActivity("Please sign in to access files."); return await stepContext.endDialog(); } const token = tokenResponse.token; // Use token with Microsoft Graph API // ... return await stepContext.endDialog(); } } module.exports.BotActivityHandler = BotActivityHandler; Problem OAuth popup appears, then closes without completing login. No token is returned to the bot. Questions Why does the OAuth popup in Teams close immediately without signing in? Where can I see detailed error logs for OAuth failures? Azure AD sign-in logs? Application Insights (do I need to configure Instrumentation Key in Bot Service)? Environment Bot Framework v4 (Node.js) Azure Bot Service Microsoft Teams channel Azure AD v2 OAuth
Replies not included when retrieving messages using GraphApi
Hi Team, We've noticed that when we retrieve a message using the https://learn.microsoft.com/en-us/graph/api/chatmessage-get?view=graph-rest-1.0&tabs=http for a message that is a reply to another message we are missing an attachment. This only happens to message that are sent by a Teams bot. These attachments used to always be present for replies but now are missing. Steps to reproduce Start the Echo bot from the sample templates (I used Teams Toolkit to deploy it to Teams or run it in the Test tool). In addition, I followed http:// https://learn.microsoft.com/en-us/graph/tutorials/typescript-app-only?tabs=aad to add the graph Api to my bot. Give the permission ChatMessage.Read.All to the application created by the Teams Toolkit. In the graphHelper.ts file, add the following function: export async function getMessage(conversationId: string, messageId: string) : Promise<any> { return _appClient.api('/chats/'+conversationId+'/messages/'+messageId) .get(); } In the TeamsBot.ts file, modify the onMessage function by replacing await context.sendActivity(...) with the following code. const message = await getMessage("19:email address removed for privacy reasons.spaces", context.activity.id); if (message.attachments.length == 0) { await context.sendActivity("No reply message found"); } else { await context.sendActivity("Reply message found<br/>" + message.attachments[0].content); } Note: For simplicity the conversation Id is hard coded with the one used for my tests here Observed behaviour: First case: Message with no reply We don't receive any attachment as expect because this not a reply message. Second case: Message that replies to my own message. We receive an attachment as expected because this is a reply message Third case: Message that replies to a bot message We don't receive any attachment. This is unexpected as this is a message reply. The third case is surprising to us as it used to work the same way as the second case but now we get an inconsistent behaviour. Can you advise if this is an expected behaviour ? Is there a workaround to simply parse message replies ? Thank you !
How to send a message to a thread (reply) using botbuilder 4.0 SDK
How to send a message to a thread (reply) using botbuilder 4.0 SDK Scenario:- 1. User A -> Types a message in Teams App (bot) 2. Now Bot has to reply to the same thread that user A has started in Teams App (bot) I am able to send a new message in the Teams App (bot) - Not expected The bot needs to reply to the same thread the user started - Expected If you have any document link or example, please point it out. Thank you.
MS Graph API - MS Teams channel last updated/last message
Hi, we want to do a report of all our Teams and Channels. With that it would be nice to get when it was lastly updated/used so we could do some cleanup afterwards. Via Powershell and also GraphaAPI check i know that channels do not save data of when they have been lastly updated, the only chance I have is to use GraphAPI and check messages for similar data. This call https://graph.microsoft.com/v1.0/teams/%7Bteam-id%7D/channels/%7Bchannel-id%7D/messages should help me out BUT it always returns with 403. I have all needed permissions consented (as I am global admin in our tenant), I have correct ID's added (checked with checking the channel and returning details of the channel). Request token is valid. https://i.stack.imgur.com/xmnmF.png MS Teams API export is one of the possible option but since I need to check way long in the past, it is limited by retention policy. I really just need to get last message (not the text, but just details about it) from each channel to get a "time stamp" of last activity. Ideally when and who. Can you please help me out? Thank you
Roster update missing and recording bot
Hello, I have several bots running on my company's tenant. One is a recording bot, using nugget Microsoft.Skype.Bots.Media (1.23.0.49-alpha) Another is a calling bot using directly the Microsoft GRAPH API, without any SDK. The calling bot creates a 1:1 call with a user, then escalates the call into a conference by inviting other users. Everything works well, except when the very first user is recorded. In that case only, the calling bot does not receive roster update notifications. Here is an extract of the calling bot logs, showing the lack of notifications. 220607;10:20:08.449;[00415];019;APP_CALL;CREATE_CALL;7681;RestRequest;GetWebRequest;T;>>>>>> request type=CreateCallRequest uri=https://graph.microsoft.com/v1.0/communications/calls method=POST content=application/json raw={"tenantId":"bd194de5-c933-499f-ac81-2f54715b7525","callbackUri":"https://XXXXXXX-teams-gateway.francecentral.cloudapp.azure.com:8544/callback/call","mediaConfig":{"@odata.type":"#microsoft.graph.serviceHostedMediaConfig","preFetchMedia":[]},"source":{"identity":{"application":{"id":"c02ef987-b36c-4fea-9a69-2ab6c818a7ba","displayName":"TANNCE","name":"TANNCE"}}},"targets":[{"identity":{"user":{"id":"a75f8483-9fb4-4e07-8e41-6ef5d1e928b0"}}}]} 220607;10:20:08.528;[00057];019;APP_CALL;CREATE_CALL_ACK;7681;StringResponse;ReadInternal;T;<<<<<< request type=CreateCallRequest response={"@odata.context":"https://graph.microsoft.com/v1.0/$metadata#communications/calls/$entity","id":"631f5e00-edf0-44e3-a73d-32d236efe5a7","state":"establishing","transferState":null,"terminationReason":null,"direction":"outgoing","ringingTimeoutInSeconds":null,"subject":null,"callbackUri":"https://XXXXXXX-teams-gateway.francecentral.cloudapp.azure.com:8544/callback/call","requestedModalities":[],"activeModalities":[],"routingPolicies":[],"tenantId":"bd194de5-c933-499f-ac81-2f54715b7525","myParticipantId":"10ba0fc2-d01d-4cb7-a6af-59348c7b789e","callChainId":"9f155eed-bc5b-461e-a593-68c6efa15d5c","mediaHostedRegion":null,"mediaState":null,"resultInfo":null,"answeredBy":null,"chatInfo":null,"meetingInfo":null,"transcription":null,"callOptions":null,"meetingCapability":null,"breakoutDetails":null,"pstnDetails":null,"toneInfo":null,"incomingContext":null,"terminationSender":null,"meetingGroupDetails":null,"callRoutes":[],"source":{"endpointType":null,"region":null,"languageId":null,"countryCode":null,"participantId":null,"identity":{"user":null,"phone":null,"guest":null,"encrypted":null,"onPremises":null,"applicationInstance":null,"device":null,"application":{"id":"c02ef987-b36c-4fea-9a69-2ab6c818a7ba","displayName":"TANNCE","tenantId":null,"registrantId":null,"name":"TANNCE"}}},"targets":[{"endpointType":null,"replacesCallId":null,"hidden":null,"removeFromDefaultAudioRoutingGroup":null,"participantId":null,"identity":{"phone":null,"guest":null,"encrypted":null,"onPremises":null,"applicationInstance":null,"application":null,"device":null,"user":{"id":"a75f8483-9fb4-4e07-8e41-6ef5d1e928b0","displayName":null,"tenantId":null,"registrantId":null}}}],"mediaConfig":{"@odata.type":"#microsoft.graph.serviceHostedMediaConfig","preFetchMedia":[]}} 220607;10:20:08.563;[00879];026;SERVER;CALLBACK_CALL_ACK;E320;QServer;EndOp;X;<<<<<<<<<< {"@odata.type":"#microsoft.graph.commsNotifications","value":[{"@odata.type":"#microsoft.graph.commsNotification","changeType":"updated","resource":"/app/calls/631f5e00-edf0-44e3-a73d-32d236efe5a7","resourceUrl":"/communications/calls/631f5e00-edf0-44e3-a73d-32d236efe5a7","resourceData":{"@odata.type":"#microsoft.graph.call","state":"establishing","callChainId":"9f155eed-bc5b-461e-a593-68c6efa15d5c"}}]} 220607;10:20:12.860;[00879];026;SERVER;CALLBACK_CALL_ACK;9D44;QServer;EndOp;X;<<<<<<<<<< {"@odata.type":"#microsoft.graph.commsNotifications","value":[{"@odata.type":"#microsoft.graph.commsNotification","changeType":"updated","resource":"/app/calls/631f5e00-edf0-44e3-a73d-32d236efe5a7","resourceUrl":"/communications/calls/631f5e00-edf0-44e3-a73d-32d236efe5a7","resourceData":{"@odata.type":"#microsoft.graph.call","state":"established","direction":"outgoing","callChainId":"9f155eed-bc5b-461e-a593-68c6efa15d5c"}}]} 220607;10:20:12.971;[00879];026;SERVER;CALLBACK_CALL_ACK;8F2E;QServer;EndOp;X;<<<<<<<<<< {"@odata.type":"#microsoft.graph.commsNotifications","value":[{"@odata.type":"#microsoft.graph.commsNotification","changeType":"updated","resource":"/app/calls/631f5e00-edf0-44e3-a73d-32d236efe5a7","resourceUrl":"/communications/calls/631f5e00-edf0-44e3-a73d-32d236efe5a7","resourceData":{"@odata.type":"#microsoft.graph.call","state":"established","mediaState":{"@odata.type":"#microsoft.graph.callMediaState","audio":"active"},"callChainId":"9f155eed-bc5b-461e-a593-68c6efa15d5c"}}]} 220607;10:20:12.971;[00415];019;APP_CALL;INVITE_PARTICIPANT;5E5A;RestRequest;GetWebRequest;T;>>>>>> request type=InviteParticipantsRequest uri=https://graph.microsoft.com/v1.0/communications/calls/631f5e00-edf0-44e3-a73d-32d236efe5a7/participants/invite method=POST content=application/json raw={"participants":[{"identity":{"user":{"id":"d609b7e5-49ad-4d84-9cfa-5107e5f0fd51"}}}],"clientContext":"631f5e00-edf0-44e3-a73d-32d236efe5a7"} 220607;10:20:13.060;[00057];019;APP_CALL;INVITE_PARTICIPANT_ACK;5E5A;StringResponse;ReadInternal;T;<<<<<< request type=InviteParticipantsRequest response={"@odata.context":"https://graph.microsoft.com/v1.0/$metadata#inviteParticipantsOperation","@odata.type":"#microsoft.graph.inviteParticipantsOperation","id":"225aacaa-cc93-4dab-b85e-05c3d418dbe5","status":"Running","clientContext":"631f5e00-edf0-44e3-a73d-32d236efe5a7","resultInfo":null,"participants":[{"endpointType":null,"replacesCallId":null,"hidden":null,"removeFromDefaultAudioRoutingGroup":null,"participantId":"0291aa8a-e2ce-4fc5-8b46-c6c21a05a25b","identity":{"phone":null,"guest":null,"encrypted":null,"onPremises":null,"applicationInstance":null,"application":null,"device":null,"user":{"id":"d609b7e5-49ad-4d84-9cfa-5107e5f0fd51","displayName":null,"tenantId":"bd194de5-c933-499f-ac81-2f54715b7525","registrantId":null}}}]} 220607;10:20:17.254;[00879];026;SERVER;CALLBACK_CALL_ACK;7AD9;QServer;EndOp;X;<<<<<<<<<< {"@odata.type":"#microsoft.graph.commsNotifications","value":[{"@odata.type":"#microsoft.graph.commsNotification","changeType":"deleted","resource":"/app/calls/631f5e00-edf0-44e3-a73d-32d236efe5a7/operations/225aacaa-cc93-4dab-b85e-05c3d418dbe5","resourceUrl":"/communications/calls/631f5e00-edf0-44e3-a73d-32d236efe5a7/operations/225aacaa-cc93-4dab-b85e-05c3d418dbe5","resourceData":{"@odata.type":"#microsoft.graph.inviteParticipantsOperation","participants":[{"@odata.type":"#microsoft.graph.invitationParticipantInfo","identity":{"@odata.type":"#microsoft.graph.identitySet","user":{"@odata.type":"#microsoft.graph.identity","id":"d609b7e5-49ad-4d84-9cfa-5107e5f0fd51","tenantId":"bd194de5-c933-499f-ac81-2f54715b7525"}},"participantId":"0291aa8a-e2ce-4fc5-8b46-c6c21a05a25b"}],"status":"completed","clientContext":"631f5e00-edf0-44e3-a73d-32d236efe5a7","id":"225aacaa-cc93-4dab-b85e-05c3d418dbe5"}}]} 220607;10:20:29.234;[00879];026;SERVER;CALLBACK_CALL_ACK;9C9C;QServer;EndOp;X;<<<<<<<<<< {"@odata.type":"#microsoft.graph.commsNotifications","value":[{"@odata.type":"#microsoft.graph.commsNotification","changeType":"deleted","resource":"/app/calls/631f5e00-edf0-44e3-a73d-32d236efe5a7","resourceUrl":"/communications/calls/631f5e00-edf0-44e3-a73d-32d236efe5a7","resourceData":{"@odata.type":"#microsoft.graph.call","state":"terminated","resultInfo":{"@odata.type":"#microsoft.graph.resultInfo","code":200,"subcode":5010,"message":"This conversation has ended as only one participant was remaining in the conversation.. DiagCode: 0#5010.@"},"callChainId":"9f155eed-bc5b-461e-a593-68c6efa15d5c"}}]} Best regards, David CHOLLETIVR Scenario Problems
Hey There I have a MS Graph Bot for Teams and have to play a .Wav File during a Call. I can start this Call and Manage it very well over Graph. But when I want to start a Sound I become Completed. But No Sound starts. When I read the results of the Call I see 2 Error Messages: What am I doing Wrong? Best Regards Swess
