Sending chat / channel message to Teams via Graph Api

0
votes

I have a SPA, and I am trying to send a message on behalf of a user in Teams via - POST https://graph.microsoft.com/v1.0/teams/{teamid}/channel/{channelid}/messages

through the same.

But I am continuously getting this error -

{

"error": {
    "code": "Unauthorized",
    "message": "Unauthorized",
    "innerError": {
        "date": "2020-12-03T06:09:02",
        "request-id": "xxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
        "client-request-id": "xxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxx"
    }
}

}

The SPA is build using Azure AD App registrations and the Following API permissions have been given to the app : ChannelMessage.Send (Delegate) , Chat.ReadWrite (Delegate), ChatMessage.Send (Delegate).

The above API works when calling from the Microsoft Graph explorer portal.

I also compared the access token on jwt.io from both Graph Explorer and My Azure AD application and both have the scopes - [ ChannelMessage.Send ] which is required to send a message to a channel

Need help on this if I have missed something out or if I am doing something wrong.

2
javascriptazuremicrosoft-graph-apisingle-page-applicationmicrosoft-teams
Please share the requestid and timestamp of the error message.Shiva Keshav Varma
@Shiva-MSFTIdentity "date": "2020-12-03T16:16:55", "request-id": "353df509-8469-41f7-9059-f192ac21e214"Abhishek Sharma
The reason for the error is not that you lack permissions, but that you used the wrong token to call the api. Check your audience to make sure it matches your api. Use jwt.ms to parse your access token and provide screenshots.Carl Zhao
@AbhishekSharma- Were you able to resolve you issue with Trinetra's answer? Please let us know if you are still stuck.Wajeed-MSFT
@Wajeed-MSFT Thanks for following up. Actually changing the authProvider is not an option for me in my project. But I achieved what I was trying to accomplish using DeepLinks. Thanks for the support.Abhishek Sharma

2 Answers

2
votes

Posting a message to channel using Send Channel Message Graph API requires ChannelMessage.Send Group.ReadWrite.All permissions

Here is the code snippet for sending messages to channel, you need to implement authProvider to pass it graphClient, I tested it for my tenant and I was succesfully able to send message in Channel. enter image description here Below is Code snippet

GraphServiceClient graphClient = new GraphServiceClient( authProvider );

var chatMessage = new ChatMessage
{
    Body = new ItemBody
    {
        Content = "Hello World"
    }
};

await graphClient.Teams["{TeamId}"].Channels["{ChannelId}"].Messages
    .Request()
    .AddAsync(chatMessage);
0
votes

I'm not an expert on this, but I think you can't connect directly from an untrusted client (i.e. a SPA) to the Graph directly, and that you'd first need to get an "on behalf of" token (which means you'd need to have your own backend API to make a secure connection and retrieve this token). You can see a sample for this (dotnet and node) over here: https://github.com/HiltonGiesenow/teams-dev-samples/tree/add-tabs-sso-sample