Microsoft Teams Graph Spoke error

Bird1
Mega Sage

Hello,

 

We're trying to configure Microsoft Teams Graph Spoke in our instance. We've followed the instruction from this link : ChannelMessage.Send,Group.ReadWrite.All**) : https://docs.servicenow.com/bundle/washingtondc-integrate-applications/page/administer/integrationhu....

 

While testing the connection, we could get the Oauth Token wihtout any issue. But once we tried to test 'Post Message' to Teams Channel, it returns error 403.

 

{"error":{"code":"Forbidden","message":"Failed to get license information for the user. Ensure user has a valid Office365 license assigned to them.","innerError":{"date":"2024-08-02T02:58:09","request-id":"177abb2d-0e75-4db3-b2d2-31b6f39b08c9","client-request-id":"177abb2d-0e75-4db3-b2d2-31b6f39b08c9"}}}

 

Could anyone please help?

 

Please note that the API permission for Post Messsage (ChannelMessage.Send, Group.ReadWrite.All**) have been granted to Azure App already.

1 ACCEPTED SOLUTION

Bird1
Mega Sage

The problem has been resolved by myself.

 

  • During configuration, it's recommended to use a Service Account (to ensure the password will never be expired) with O365 license assign.
  • Grant the 'admin' role to that Service Account on your instance
  • Configured the Teams Spoke as per Product Document, when click get OAuth token, use this Service Account with O365 license to sign in.
  • Once completed configuration, you can test post message to Teams Channel (before testing, please ensure you've already added this Service Account to that Teams Channel as a member). You will see the message is post by the Service Account you used to configured.

View solution in original post

2 REPLIES 2

Bird1
Mega Sage

The problem has been resolved by myself.

 

  • During configuration, it's recommended to use a Service Account (to ensure the password will never be expired) with O365 license assign.
  • Grant the 'admin' role to that Service Account on your instance
  • Configured the Teams Spoke as per Product Document, when click get OAuth token, use this Service Account with O365 license to sign in.
  • Once completed configuration, you can test post message to Teams Channel (before testing, please ensure you've already added this Service Account to that Teams Channel as a member). You will see the message is post by the Service Account you used to configured.

@Bird1  Can you please give information on what type of grant type we need to use and what are the oauth scope required to use post messages from the Microsoft teams graph spoke?

 

Thanks!