Pin a message in a channel in MS Teams using MS Graph API
I've created a MS Teams app and as part of it's functionality, it has to pin the message (in both one-on-one chat and in a channel) on behalf of the user I'm using below API to pin a message in a channel in MS Teams https://graph.microsoft.com/v1.0/chats/<chatID>/pinnedMessages Endpoint: - POST https://graph.microsoft.com/v1.0/chats/19:....@thread.tacv2/pinnedMessages Body: { "email address removed for privacy reasons": "https://graph.microsoft.com/v1.0/chats/19:....@thread.tacv2/messages/<message_id>" } Note: - 19:....@thread.tacv2 is the chatID of the channel And I get a successful response as below 201 Created { "@odata.context": "https://graph.microsoft.com/v1.0/$metadata#chats('19%3.......%40thread.tacv2')/pinnedMessages/$entity", "id": "<message_id>" } But when I go that particular channel, I don't see the message as the pinned message in the channel But when I try to get the list of pinned message in a channel using below API, it gives the response that the above message which I pinned. But I don't see it in the channel in MS Teams. And I'm facing this issue only while pinning the message in the channel using MS Graph API. I don't face the same issue with one-on-one chat with the bot I've created.
How to get a user P.O. Box from Active directory using Graph API
Inside our Active Directory, we have this value for the P.O Box:- now i want to get this value based on the user's email address using graph api, i tried those endpoint, but never able to get the P.O. Box value, here what i tried:- 1) https://graph.microsoft.com/beta/users/<useremail>/profile/ I got this as part of the response, "company": { "displayName": "****", "pronunciation": null, "department": "***", "companyCode": null, "officeLocation": "****", "webUrl": null, "secondaryDepartment": null, "address": { "type": "business", "postOfficeBox": null, "street": "****", "city": "***", "state": "***", "countryOrRegion": "**", "postalCode": "***" } } } there there is postOfficeBox but it is null 2) https://graph.microsoft.com/v1.0/users/<email address> this does not include P.O. Box any advice?Clone Team endpoint is broken
Microsoft Graph's "clone Team" endpoint is not working as intended and changes its behaviour without any communication from Microsoft. The problem is the new feature that enables users to name the primary channel. Until yesterday, the primary channel was just created as a "normal" channel in the cloned team and an additional primary channel with the default name "General" was created. Since yesterday, the primary channel is now cloned "correctly", but now the tabs are completely ignored and not even the default "Notes" tab is created in the primary channel. So when cloning a team, the primary channel itself is created, but it is just completely empty. Will this be fixed and if so, when? And are there any additional resources for changes in the Graph API that I don't know about? Because this is not mentioned in the Graph API changelog. It seems like Microsoft is indeed working on this, but this last change does not fix anything, it makes it even worse.
Issue with Downloading Teams Sticker via Graph API - HTTP 400 Bad Request
Hi all, I am encountering an issue when attempting to download a sticker from Microsoft Teams using the Graph API. Below are the details of my request and the problem I am facing: Issue Description: I am using the following API format to download a sticker: GET https://graph.microsoft.com/v1.0/teams/xxx/messages/yyy/hostedContents/zzz/$value The request returns an HTTP 400 Bad Request response. The error details are as follows: { "error": { "code": "BadRequest", "message": "Provided hosted content identifier is invalid." }} Upon decoding zzz part of the API request URL, I obtained the following information: id=,type=1,url=https://us-prod.asyncgw.teams.microsoft.com/v1/url/content?url=https%3a%2f%2fstatic.wixstatic.com%2fmedia%2f4b00a4_e293905cf80f4ba4853c80a0a98dd748~mv2.png From the decoded data, it appears that the id field is empty. I suspect that this might be the reason why I am receiving the HTTP 400 Bad Request response. Questions: Has anyone encountered a similar issue when attempting to download a hosted sticker from Teams via the Graph API? Is there a specific reason why the id field is empty in the decoded content information? How can I resolve this issue and successfully retrieve the sticker content? Any insights or guidance on resolving this issue would be greatly appreciated. Thank you for your support. Best regards, Kein
"Insufficient privileges to complete the operation" while using Graph API
Hello, everyone! I'm trying to use the Microsoft Graph API with App Authentication to assign an Product License to a user. My App has the App permissions "LicenseAssignment.ReadWrite.All", "Directory.ReadWrite.All" and "User.ReadWrite.All". https://graph.microsoft.com/v1.0/users/$upn/assignLicense { "error": { "code": "Authorization_RequestDenied", "message": "Insufficient privileges to complete the operation.", "innerError": { "date": "2025-03-19T08:17:35", "request-id": "c368027b-6462-472f-a726-a9b04b26e11e", "client-request-id": "c368027b-6462-472f-a726-a9b04b26e11e" } } } My request body looks as follows: { "addLicenses": [ { "disabledPlans": [], "skuId": "..." } ], "removeLicenses": [] } For assigning a license, I got teams(community) list, and members list. I hope for your selfless help.Grant "read" role for a DriveItem to an Entra ID app
Context My web app uses an Entra ID application to organize file transfer from Sharepoint to the local storage. For this to work, a combination of “Files.Read.All” Delegated permission and FilePicker SDK v7.2 for JavaScript is used. A user authorizes using his Microsoft work account, agrees with the consent, selects a file, and the web app reads and downloads that file. Question How to have a stable way for the Entra ID app to read any file, which was previously selected by any user, at any time? (Have a permanent “read” access) What I have tried Files.SelectedOperations.Selected Application permission. I can request a JWT token for the Entra ID app (POST /tenant_id/oauth2/v2.0/token), but a call (POST /v1.0/sites/site_Id/drives/drive_Id/items/item_Id/permissions) to grant “read” role for a DriveItem by siteId, driveId and itemId retrieved from FilePicker SDK's response returns 403 “accessDenied”. Apparently, that’s the user who must grant access to that file, but on UI he cannot share it with an Entra ID app, only with another user. Re-usage of user’s accessToken which comes from FilePicker SDK to backend to grant "read" role for the Entra ID app to the file he has just selected. This accessToken is not full and cannot be used to perform such an operation. Ultimate Goal (just for more context) Implement OneDrive file auto-synchronization service for the web app. For example, a user uploads a file to the web app. A month later he updates this file on Sharepoint in a site-collection or My Files. A background task is launched daily to update obsoleted files in the web app. The application must be able to read and download the respective DriveItem without any user interaction. Business Restrictions Excessive Application type permissions (Files.Read.All, FullControl, etc.) are not allowed. Sites.Selected is highly NOT preferred because it requires global changes for users to transfer (copies of) their content on a special site-collection the Entra ID app will have to monitor. So is actual if each customer Users should not be involved into using developer tools, like sending POST requests through Postman or Graph Explorer. Authorization flows which involve refreshing the received users' accessTokens are not allowed. I am grateful for any information and ideas!
Cannot get webinar registrants
I'm trying to use PowerAutomate's Send a Microsoft Graph HTTP request to get webinar registrant details. The end goal is to send registrant details into make.com as part of a wider automation, but I simply cannot get the GET request to work. I want to know if it's actually possible to do - thanks for your patience, I feel a little out of my depth...Getting delta change for files from team and its channels
We are processing delta changes from onedrive data and teams data. We are using delta api so if someone share the current file with any user we got the file details in delta api for onedrive item. But in case of teams and channle data it won't. So is there any way to get delta for the files from team if shared with some othe user or team. We also want api to know files shared with team as we are also fetching data shared with user by using insight apiAuthentication issue while using Client Credential through Oauth2.0
Hi Community Hope you are doing well. I am unable to authenticate to our registered app in azure. I am looking to test the get/users graph api using insomnia (similar tool as postman). During Token generation we are getting 401 error. we are provide correct Client ID and Secret with right scope url. I created the app, added the necessary permissions and the client credentials. Do I need to add a redirect uri to the app? Does the app need to be registered account types as "accounts in any organization directory"? I am getting a 401 unauthorized error Can you please assist what I'm what is missing here? I will really do appreciate your help. Thanks Vatan
Error getting new token
Hi, i want to add a new member to a private channel. I follow the authentication flow as follows: a) starting with url https://login.microsoftonline.com/#tenantid#/oauth2/v2.0/authorize?client_id=#clientid#&response_type=code&response_mode=query&redirect_uri=https://www.dashandwerk.net/dashandwerk/api/graph/webhook&scope=offline_access%20TeamMember.ReadWrite.All%20ChannelMember.ReadWrite.All%20User.Read&state=1234" b) my redirect_uri will open and i am getting a new code c) this new code will be used to get a new token with this url https://login.microsoftonline.com/#tenant#/oauth2/v2.0/token?client_id=#client_id# &client_secret=#client_secret# &scope=offline_access%20TeamMember.ReadWrite.All,ChannelMessage.Send%20User.Read%20Mail.Read%20ChannelMember.ReadWrite.All' &code=#code# &redirect_uri=https://www.dashandwerk.net/dashandwerk/api/graph/webhook &grant_type=authorization_code But when getting the new token, i am getting this error: "{"error":"invalid_grant","error_description":"AADSTS65001: The user or administrator has not consented to use the application with ID '640a5194-77b1-40cf-b774-fc9eb9a6d128' named 'dashandwerk-teams'. Send an interactive authorization request for this user and resource. Trace ID: 34a8ea64-b664-448c-9b7c-b4c9a92e0300 Correlation ID: 77e80082-9e58-4da9-8752-2d7bc75d7262 Timestamp: 2025-03-03 11:11:08Z","error_codes":[65001],"timestamp":"2025-03-03 11:11:08Z","trace_id":"34a8ea64-b664-448c-9b7c-b4c9a92e0300","correlation_id":"77e80082-9e58-4da9-8752-2d7bc75d7262","suberror":"consent_required"} Searching on google shows this: Make sure you have followed the steps to grant admin consent. You can do this under Application > API permissions > Grant admin consent. But all grants have admin consent in the office admin center for intra at the app registration. Any ideas to solve this issue ?
