2

I'm working to send a message to Teams by using Graph API.

my application is a daemon application that sends a message automatically in the background.

I have written code like an official reference link below:

https://learn.microsoft.com/en-gb/graph/sdks/choose-authentication-providers?tabs=CS#client-credentials-provider

in my case, I use the client-credentials-provider but, I still can't send a message, and always get the below error message.

surely I have already registered my application in Azure and set for the grant of scope

enter image description here

https://i.stack.imgur.com/Dn8i0.png

How can I fix this?

Maytham Fahmi
  • 31,138
  • 14
  • 118
  • 137
Sando Of Rivia
  • 21
  • 4
  • I use this method is much easier https://stackoverflow.com/questions/57050321/how-do-i-post-a-message-to-microsoft-team-from-other-application/65759554#65759554, it does not answer your question, but might solve what you are looking for. Btw the method I use can only send to team channel not to a person – Maytham Fahmi Apr 25 '22 at 06:09
  • 1
    @Maytham Thank you for your answer. I have tried it and the result is ok but, that is still not what I'm looking for. this is an application for enterprises they want to use the official way to implement. – Sando Of Rivia Apr 25 '22 at 09:02
  • that is fair enough. – Maytham Fahmi Apr 25 '22 at 09:09

1 Answers1

1

Following this api document, you need to give Application api permission Teamwork.Migrate.All, and try this code below:

using Azure.Identity;
using Microsoft.Graph;

public void sendMesgAsync()
{

    var scopes = new[] { "https://graph.microsoft.com/.default" };
    var tenantId = "your_tenant_name.onmicrosoft.com";
    var clientId = "azure_ad_app_client_id";
    var clientSecret = "client_secret";
    var clientSecretCredential = new ClientSecretCredential(
        tenantId, clientId, clientSecret);
    var graphClient = new GraphServiceClient(clientSecretCredential, scopes);

    var chatMessage = new ChatMessage
    {
        Body = new ItemBody
        {
            Content = "Hello World"
        }
    };

    await graphClient.Teams["{team-id}"].Channels["{channel-id}"].Messages
        .Request()
        .AddAsync(chatMessage);
}
Tiny Wang
  • 10,423
  • 1
  • 11
  • 29
  • I have tried this but, still an error like the above. @Tiny Wang – Sando Of Rivia Apr 25 '22 at 09:04
  • Can you try [this request](https://learn.microsoft.com/en-us/azure/active-directory/develop/v2-oauth2-client-creds-grant-flow#first-case-access-token-request-with-a-shared-secret) to generate an access token, and then try [this request](https://learn.microsoft.com/en-us/graph/api/chatmessage-post?view=graph-rest-1.0&tabs=http#request) to send message? The token should be added to request header like:`Authorization: Bearer token` there's an empty between bearer and token – Tiny Wang Apr 25 '22 at 09:13
  • try to send message via a request. if it not work, pls decode the token and check if the `roles` claim had correct vaule. – Tiny Wang Apr 25 '22 at 09:14
  • I have tried with the postman and still get `Message POST is allowed in application-only context only for import purposes. refer to https://learn.microsoft.com/microsoftteams/platform/graph-api/import-messages/import-external-messages-to-teams for more details.` Unauthorized error. I checked the role at token and gets `"roles":["Teamwork.Migrate.All"]`, Is this why I can't send a message? – Sando Of Rivia Apr 26 '22 at 01:30
  • 1
    I double checked the api document, and I found this sentence. So I'm afraid we can't use client-credential-flow here for sending message to channel. `Note: Application permissions are only supported for migration. In the future, Microsoft may require you or your customers to pay additional fees based on the amount of data imported.` – Tiny Wang Apr 26 '22 at 01:37
  • I just noticed that, Do you have the other ways?. cause I can't the way to get through the above error. – Sando Of Rivia May 10 '22 at 07:16
  • since this api doesn't support client credential flow, you can only used the delegation permission, which means you can only make a user sign in first and call the api on behalf of the user. – Tiny Wang May 10 '22 at 07:42
  • Could you send me a link to reference? – Sando Of Rivia May 12 '22 at 07:37
  • [This section](https://learn.microsoft.com/en-us/azure/active-directory/develop/sample-v2-code#web-applications) provides many samples, choose the one you need. – Tiny Wang May 12 '22 at 07:41
  • asp.net core call graph api, you may refer to [this one](https://github.com/Azure-Samples/active-directory-aspnetcore-webapp-openidconnect-v2/blob/master/2-WebApp-graph-user/2-1-Call-MSGraph/README.md). – Tiny Wang May 12 '22 at 07:42