The Teams Developer Portal needs administrative views
The Teams Developer portal needs some way for Teams service admins or Global admins to view everything that is being deployed to the catalog both in a published and unpublished state. Alternatively, develop some graph endpoints that could be turned into cmdlets in Microsoft Teams PowerShell module or the Graph PowerShell SDK module. As administrators we need the ability to help with keeping our tenant clean, so these kinds of views or endpoints would allow us to make sure that anything uploaded and not needed may be removed or reassigned if the underlying owner leaves and someone else needs to take over something they've been developing. I've submitted a feedback item to the portal - so please help by adding a vote to the entry to bring it up as an enhancement for the Teams Developer Portal services. The Teams Developer Portal needs administrative views or PowerShell/Graph capabilities to manage uploaded solutions and other artifacts · Community
Affordable Conference Room Setups for Small Businesses Using Microsoft Teams Resource Accounts
Our small business (around 40 users) recently migrated from Google to Microsoft 365, and we’re facing several challenges in optimizing our meeting rooms for Teams without incurring large costs. Here’s our current setup and the main issues we are encountering—hoping for advice or creative solutions from the community. Current Setup All computers are domain-joined. We created resource accounts for each of our three meeting rooms; these appear correctly as Rooms in Outlook and Teams booking menus. Each meeting room contains a standard desktop PC (not MTR-certified) running Windows, logged into Teams as the room’s resource account. Employees use the meeting room computer to join calls and manage the meeting calendar. Current Issues Wireless Presenting (Casting): Teams’ wireless casting feature appears to require MTR-certified hardware, which is financially out of reach for a business our size. Unplugging and plugging HDMI cables is cumbersome and error-prone, especially since not everyone uses a laptop, and reconnecting the room PC is often forgotten. Agenda & Calendar Privacy: When meetings are booked, the full Teams agenda and chat history remain accessible on the meeting room machine. That means anyone in the room can view past meetings/agendas, which isn’t ideal from a privacy perspective. Screen Sharing and File Security: To present from the meeting room PC, any files must be accessible by the resource account, creating additional security concerns and sharing/permission headaches. What We’re Looking For Affordable wireless presenting options for meeting rooms—ideally something that integrates smoothly with Microsoft Teams, but without requiring full MTR hardware. Best practices to lock down or reset the meeting room PC so meeting agendas, chats, and files are not visible after a session. Secure ways to allow guests to present (screen share, share files, etc.) without exposing company data or making users jump through complicated permission processes. If anyone has experience setting up small, cost-effective Teams Rooms, especially with regular PCs rather than dedicated MTR devices, advice would be greatly appreciated! Specific steps, hardware/software recommendations, or management tips would all be helpful. Thanks in advance for any guidance!Azure Bot not joining meeting - Server Internal Error. DiagCode: 500#1203002.@
This problem has been bothering me for about two weeks and I haven’t found a solution yet. I’d really appreciate your help. Environment Setup 1.Development Tool: Visual Studio 2022 2.Deployment: The service is hosted on AWS. In AWS Networking, both TCP and UDP port 14217 are opened. The operating system is Windows Server 2022, and the firewall has been disabled temporarily for testing. 3.Certificate: A wildcard SSL certificate issued by Let’s Encrypt (CN = *.bottest.com, RSA-based) has been installed under LocalMachine\My certificate store. 4.Reverse Proxy: Both HTTPS and TCP traffic are forwarded through Nginx. http { server { listen 80; server_name localhost; } server { listen 443 ssl; server_name signaling.bottest.com; ssl_certificate fullchain.pem; ssl_certificate_key privkey.pem; ssl_protocols TLSv1.2 TLSv1.3; ssl_ciphers HIGH:!aNULL:!MD5; location / { proxy_pass http://127.0.0.1:5001; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection keep-alive; proxy_set_header Host $host; proxy_cache_bypass $http_upgrade; } } } stream { upstream dotnet_app_tcp { server 127.0.0.1:8445; } server { listen 14217 ssl; ssl_certificate fullchain.pem; ssl_certificate_key privkey.pem; ssl_protocols TLSv1.2 TLSv1.3; ssl_ciphers HIGH:!aNULL:!MD5; ssl_prefer_server_ciphers on; proxy_pass dotnet_app_tcp; } } 5. The bot’s Application Permissions have also been granted, as shown in the figure below: 6. Bot initialization var mediaPlatformSettings = new MediaPlatformSettings { ApplicationId = _botConfig.MicrosoftAppId, MediaPlatformInstanceSettings = new MediaPlatformInstanceSettings { CertificateThumbprint = _botConfig.CertificateThumbprint, // LocalMachine/My certificate-*.bottest.com-thumbprint InstanceInternalPort = 8445, InstancePublicPort = 14217, InstancePublicIPAddress = IPAddress.Parse("18.181.xx.xx"), // AWS public IP ServiceFqdn = "media.bottest.com" } }; _communicationsClient = new CommunicationsClientBuilder("IMediaSessionBot", _botConfig.MicrosoftAppId, _graphLogger) .SetAuthenticationProvider(_authProvider) .SetServiceBaseUrl(new Uri("https://graph.microsoft.com/v1.0")) .SetNotificationUrl(new Uri($"{_botConfig.PublicUrl}/api/calls")) .SetMediaPlatformSettings(mediaPlatformSettings) .SetHttpClient(httpClient) .Build(); _communicationsClient.Calls().OnIncoming += this.OnIncomingCall; _communicationsClient.Calls().OnUpdated += OnCallUpdated; } 7.join meeting var scenarioId = Guid.NewGuid(); var meetingDetails = MeetingUrlParser.Parse(meetingUrl); var chatInfo = new ChatInfo { ThreadId = meetingDetails.ThreadId }; var meetingInfo = new JoinMeetingIdMeetingInfo { JoinMeetingId = _botConfig.MeetingID, Passcode = _botConfig.MeetingPasscode, AdditionalData = new Dictionary<string, object> { { "allowConversationWithoutHost" , true }, }, }; ILocalMediaSession mediaSession = this.CreateLocalMediaSession(); var joinParams = new JoinMeetingParameters(chatInfo, meetingInfo, mediaSession) { TenantId = tenantId, AllowGuestToBypassLobby = true }; try { _activeCall = await _communicationsClient.Calls().AddAsync(joinParams, scenarioId).ConfigureAwait(false); _logger.LogInformation($"Successfully initiated the add-participant request, Call ID:: {_activeCall.Id}"); } catch (ODataError ex) { Console.WriteLine($"{DateTime.Now:yyyy-MM-dd HH:mm:ss.fff} Failed to initiate the call: .ex={ex.ToString()}"); throw; } private ILocalMediaSession CreateLocalMediaSession(Guid mediaSessionId = default(Guid)) { var mediaSession = this._communicationsClient.CreateMediaSession( new AudioSocketSettings { StreamDirections = StreamDirection.Recvonly, SupportedAudioFormat = AudioFormat.Pcm16K, ReceiveUnmixedMeetingAudio = true, EnableAudioHealingForUnmixed = true }, new VideoSocketSettings { StreamDirections = StreamDirection.Inactive }, mediaSessionId: mediaSessionId); return mediaSession; } 8.call back(SetNotificationUrl(new Uri($"{_botConfig.PublicUrl}/api/calls"))) State at first attempt:Notification payload: {"@odata.type":"#microsoft.graph.commsNotifications","value":[{"@odata.type":"#microsoft.graph.commsNotification","changeType":"updated","resource":"/app/calls/07004d80-44b9-479e-bb43-2d5983e3f235","resourceUrl":"/communications/calls/07004d80-44b9-479e-bb43-2d5983e3f235","resourceData":{"@odata.type":"#microsoft.graph.call","state":"establishing","chatInfo":{"@odata.type":"#microsoft.graph.chatInfo","threadId":"19:meeting_MzIyMTYzOTMtMGYyNi00OTE2LTg2NjUtYmU4ZDlhYmY2ZmRj@thread.v2"},"meetingInfo":{"@odata.type":"#microsoft.graph.joinMeetingIdMeetingInfo","joinMeetingId":"4130864187312","passcode":"P7GY7Vv2","allowConversationWithoutHost":true},"callChainId":"b50a00dc-74da-42b0-966a-e88dea7e6087"}}]} State at second attempt:Notification payload: {"@odata.type":"#microsoft.graph.commsNotifications","value":[{"@odata.type":"#microsoft.graph.commsNotification","changeType":"deleted","resource":"/app/calls/07004d80-44b9-479e-bb43-2d5983e3f235","resourceUrl":"/communications/calls/07004d80-44b9-479e-bb43-2d5983e3f235","resourceData":{"@odata.type":"#microsoft.graph.call","state":"terminated","resultInfo":{"@odata.type":"#microsoft.graph.resultInfo","code":500,"subcode":1203002,"message":"Server Internal Error. DiagCode: 500#1203002.@"},"chatInfo":{"@odata.type":"#microsoft.graph.chatInfo","threadId":"19:meeting_MzIyMTYzOTMtMGYyNi00OTE2LTg2NjUtYmU4ZDlhYmY2ZmRj@thread.v2"},"meetingInfo":{"@odata.type":"#microsoft.graph.joinMeetingIdMeetingInfo","joinMeetingId":"4130864187312","passcode":"P7GY7Vv2","allowConversationWithoutHost":true},"callChainId":"b50a00dc-74da-42b0-966a-e88dea7e6087"}}]} Here, an error occurred: 500 #1203002. 9. Based on the packet capture, the issue seems to be related to interactions with /MediaProcessor/v1. It’s unclear whether this is due to a protocol mismatch or a certificate mismatch, as shown in the figure below: 10.Database schema (DDL) dependencies required by the bot <ItemGroup> <PackageReference Include="Microsoft.ApplicationInsights.WorkerService" Version="2.23.0" /> <PackageReference Include="Microsoft.Azure.Functions.Worker" Version="1.24.0" /> <PackageReference Include="Microsoft.Azure.Functions.Worker.ApplicationInsights" Version="1.4.0" /> <PackageReference Include="Microsoft.Azure.Functions.Worker.Core" Version="1.20.0" /> <PackageReference Include="Microsoft.Azure.Functions.Worker.Extensions.Http" Version="3.3.0" /> <PackageReference Include="Microsoft.Azure.Functions.Worker.Sdk" Version="1.18.1" /> <PackageReference Include="Microsoft.AspNetCore" Version="2.1.3" /> <PackageReference Include="Microsoft.AspNetCore.Mvc" Version="2.1.2" /> <PackageReference Include="Microsoft.Bot.Builder.Integration.AspNet.WebApi" Version="4.22.1" /> <PackageReference Include="Microsoft.CognitiveServices.Speech" Version="1.46.0" /> <PackageReference Include="Microsoft.Graph.Communications.Calls.Media" Version="1.2.0.10563" /> <PackageReference Include="Microsoft.Graph.Communications.Core" Version="1.2.0.10563" /> <PackageReference Include="Microsoft.Graph.Core" Version="3.1.3" /> <PackageReference Include="Microsoft.IO.RecyclableMemoryStream" Version="3.0.1" /> <PackageReference Include="Microsoft.ServiceFabric.AspNetCore.HttpSys" Version="3.2.187" /> <PackageReference Include="Microsoft.Skype.Bots.Media" Version="1.31.0.180" /> <PackageReference Include="Microsoft.Kiota.Http.HttpClientLibrary" Version="1.3.3" /> </ItemGroup> 11.The certificate has also been uploaded to Azure, as shown in the figure:
how to achieve private stage view for custom team app in meeting
I’m working on a custom Microsoft Teams app that will be added to a meeting. My goal is to have the app load in a private stage view as a popout when clicked, so that only the user who clicked it can see the content, without broadcasting it to all meeting attendees. I've created a custom Teams app for meetings, but I'm facing an issue with the viewing behavior. Currently, when a user clicks the app during a meeting, the content first loads in the side panel. The user then has to click a "Share" button to push the content to the main meeting stage, which makes it visible to all attendees. However, what I want is for the app to immediately open in a private stage view (as a popout) when clicked, without showing anything in the side panel and without requiring the user to manually share it. The content should only be visible to the individual user, not broadcast to the entire meeting.
Teams Tab Blazor App Works in Web but Not Desktop – SSO / Access Denied Issue
Hi all, I have developed a Teams tab application using Blazor with Azure AD SSO. It works perfectly in the Teams Web interface, but fails in Teams Desktop app. Troubleshooting details If you contact your administrator, send this info to them. Copy info to clipboard ✔ Copied Correlation Id: 2607e281-e81f-429f-95b6-755f4b30968d Timestamp: 2025-10-07T09:42:34.000Z DPTI: d2bf8e81894be21be1d5e1818fa47b2d8975c91c3d0eceb6622a99cc1fc8b8f1 Message: Access denied for the resource. Tag: 4usp7 Code: 3399614468 I would appreciate guidance on how to make the Blazor Teams tab work in both Web and Desktop using SSO. Thanks! TahirAgents Toolkit for Visual Studio - many bots in monorepo
I am using the Agents Toolkit for Visual Studio and I am thinking about hosting several Teams Bots in the same git repository. Each of them should be deployed in a different Tenant, so I am wondering about best practices to avoid a bot ending up in the wrong tenant. I am completely new to Agents Toolkit and Teams development. Any hints on upcoming events regarding these topics are highly appreciated.
Can I create an Azure Key Vault from a Teams app in the customer’s tenant?
Hi everyone, I’m building a Teams app and want to support this flow: A customer admin opens the app and sees a setup dialog. They enter subscription/resource group details. The app then creates a new Azure Key Vault in the customer’s tenant. My questions: Is it feasible for a Teams app to create a Key Vault in the customer’s tenant? What is the recommended way to request the necessary permissions? (e.g., Azure AD OAuth2 consent for ARM API access?) Or is best practice for the customer to create the Key Vault themselves and just grant my app access? Thanks!
Unable to Add Tabs to Chats Consistently in Teams via GraphAPI
Expected Behavior: Tabs should be consistently added to chats when using the Graph API, provided all necessary permissions and conditions are met.Description We are encountering an issue when using the Microsoft Graph API to create chats and https://learn.microsoft.com/en-us/graph/api/chat-post-installedapps?view=graph-rest-1.0&tabs=http and https://learn.microsoft.com/en-us/graph/api/channel-post-tabs?view=graph-rest-1.0&tabs=http in Microsoft Teams. While we have the necessary permissions, the process of adding a tab to a chat works intermittently. Sometimes the tab is successfully added, but most of the time it fails, even though the app is installed correctly, with the following error: Failed to execute MsGraph backend request GetUserLicenseDetailsS2SRequest. Workload MsGraph_DirectoryServices. Request Url: https://graph.microsoft.com/v1.0/users/c0cfdd6b-d64d-42e1-8111-0881725f68ff/licenseDetails?$select=skuId,skuPartNumber,servicePlans, Request Method: GET, Response Status Code: NotFound, Response Headers: Strict-Transport-Security: max-age=31536000\r\nrequest-id: c86b5fbd-4224-486b-8f3e-8ad3f561a377\r\nclient-request-id: c86b5fbd-4224-486b-8f3e-8ad3f561a377\r\nx-ms-ags-diagnostic: {\"ServerInfo\":{\"DataCenter\":\"North Europe\",\"Slice\":\"E\",\"Ring\":\"4\",\"ScaleUnit\":\"011\",\"RoleInstance\":\"DB1PEPF00075073\"}}\r\nx-ms-resource-unit: 1\r\nDate: Tue, 22 Apr 2025 09:47:03 GMT\r\n, Reason Phrase: Not Found, Request ID 1F9FFBD00A5F489E9B7CABDCFB857858. Reproduction steps: Create an AAD App registration with required application permissions (to install apps and manage tabs in chats), ie at least the following: TeamsAppInstallation.ReadWriteAndConsentForChat.All TeamsTab.ReadWriteForChat.All Create a Teams application with a static tab with "groupChat" scope Install app in chat: POST https://graph.microsoft.com/v1.0/chats/:chatId/installedApps with body below Add (pin) tab to chat: POST https://graph.microsoft.com/v1.0/chats/:chatId/tabs with body below {"email address removed for privacy reasons" : "https://graph.microsoft.com/v1.0/appCatalogs/teamsApps/{{AppId}}"} Expected Behavior: Tabs should be consistently added to chats when using the Graph API, provided all necessary permissions and conditions are met. Current Behavior: The process of adding tabs to chats is unreliable. Sometimes the tab is added, but most times, the request fails without clear reasoning. All required permissions appear to be in place since it works occasionally. Note that this issue started to occur at the beginning of the month, around the 8th of April apparently, has anything changed around this date? Also note I also found traces of https://learn.microsoft.com/en-us/answers/questions/2259024/add-tab-to-chat-request-stopped-working-now-it-ret?source=docs in our logs but it is apparently resolved now.Deleting AutoAttendants and CallQueue
Hello There are commands to delete AutoAttendants and CallQueue. But I get allways an error "Can't remove the Auto Attendant. Auto Attendant is still referenced by Endpoints Ids" Even if all Ressource Accounts are deleted a day before. These Auto Attendants and CallQueues are configured as Calling ID's When I manually delete them after removing there also an error that call queue time was to low. Is it possible to force the deletion. Regards JFM_12Adaptive Card embedded audio doesn't play
Hi Everyone I have an adaptive card that was working until this week. I've got a workflow that sends an email when a voicemail is received, then saves the voicemail in SharePoint and sends the audio file embedded in an adaptive card in Teams. The code isn't complicated, I've just put the sharing link as a variable and then it's more or less like this: "type": "Media", "sources": [ { "mimeType": "audio/wav", "url": "@{variables('VoicemailLink')})" } ] It was working last week, and I didn't change anything. I've put a quick workaround in to put a hyperlink to the voicemail in the text of the adaptive card, and that seems fine so the variable link is working and the saved audio file is working, it's just not embedding the file nicely into the card. It opens up in a browser window instead. Has there been an update to adaptive cards or Teams that might break this sort of thing? Thanks for your help.
