4

I am trying to fetch the MS Teams roaster / user profile. Below are the sequence of Postman calls I am making:

Generated Access Token: https://login.microsoftonline.com/botframework.com/oauth2/v2.0/token

Generated User Access Token: https://login.microsoftonline.com/{{TenantId}}/oauth2/v2.0/token Get

My Joined Team: https://graph.microsoft.com/v1.0/me/joinedTeams

Get Internal Team Id:https://graph.microsoft.com/v1.0/teams/{{TeamId}}/channels

Fetch Roster/user profile:https://{{ServiceUrl}}/v3/conversations/{{tId}}/members/

Everything was working fine, but today I am getting 403 forbidden error

{
    "error": {
        "code": "BotNotInConversationRoster",
        "message": "The bot is not part of the conversation roster."
    }
}

Please note that I am able to communicate with the bot.

Below are the permissions that I have provided for delegate and application Directory.Read.All Group.Read.All Group.ReadWrite.All User.Read User.Read.All User.ReadBasic.All

Any suggestions to fix the same?

Rohit
  • 6,941
  • 17
  • 58
  • 102

2 Answers2

4

Notice that your last call, the one to "serviceurl", is NOT part of the Graph, obviously. As a result, it's authentication is different. In this case, Teams is authenticating it as a bot, and it needs certain rights. For instance, the bot MUST be installed to the Team in question in order to get the roster for that Team. You say it was working before - is that in the same Team? If not, the bot needs to be added to that Team. If "yes", then perhaps the bot was removed from the Team by someone?

Hilton Giesenow
  • 9,809
  • 2
  • 10
  • 24
  • The bot is already added to the team, like this https://learn.microsoft.com/en-us/azure/bot-service/channel-connect-teams?view=azure-bot-service-4.0. Can you please tell about rights? – Rohit Mar 08 '20 at 04:06
  • 1
    ah I see - what you've sent is what's called the "Channels" registration. It's TOTALLY different from a "Channel" inside a Teams. This "Channels" in your screenshot means "what KIND of platform can my bot speak with (e.g. Teams, Slack, Facebook). Once that's done, you still need the bot registered into (a) your tenant and (b) particular Teams. It sounds like you've done that part, maybe with App Studio? – Hilton Giesenow Mar 08 '20 at 07:57
  • You can use Graph to install your bot: https://learn.microsoft.com/en-us/graph/teams-proactive-messaging#install-the-app-for-your-users – Andrew Clear Mar 08 '20 at 23:53
  • @AndrewClear the bot is already able to communicate. I am getting the response from the bot. – Rohit Mar 09 '20 at 07:29
  • @HiltonGiesenow I am able to communicate to the bot via webhooks. (i didnot use app studio) – Rohit Mar 09 '20 at 07:36
  • great! Are you able to get the roster? – Hilton Giesenow Mar 09 '20 at 08:36
  • @HiltonGiesenow sorry i mean to say that the bot is already part of them since i am able to communicate to the bot. But https://{{ServiceUrl}}/v3/conversations/{{ChannelId}}/members/ throws 403 – Rohit Mar 09 '20 at 09:13
  • To make a Bot part of the conversation in channel you need to @mention Bot, Could you try to pass conversation id instead of team id? – Trinetra-MSFT Mar 10 '20 at 14:21
  • @Trinetra-MSFT I am SORRY, i could not understand what you meant. I am getting value from https://graph.microsoft.com/v1.0/teams/{{TeamId}}/channels call. I am using this id to pass it to https://{{ServiceUrl}}/v3/conversations/{{ChannelId}}/members/ – Rohit Mar 10 '20 at 16:40
  • { "@odata.context": "https://graph.microsoft.com/v1.0/$metadata#teams('9321d683-e58f-4b7b-b3d6-154fafa789be')/channels", "@odata.count": 1, "value": [ { "id": "19:8b25c02293124a13b6d4483b23911fdf@thread.tacv2", "displayName": "General", "description": "rdh-team-7march", "email": "", "webUrl": "https://teams.microsoft.com/l/channel/19%3a8b25c02293124a13b6d4483b23911fdf%40thread.tacv2/General?groupId=9321d683-e58f-4b7b-b3d6-154fafa789be&tenantId=7c69806f-5754-488f-9dd8-7daa8afea4fd" } ] } – Rohit Mar 10 '20 at 16:41
  • 1
    You need to generate accessToken first than call the https://{{ServiceUrl}}/v3/conversations/{{conversationID}}/members/ API it should work, Please take a look at [fetching roster using REST API](https://learn.microsoft.com/en-us/microsoftteams/platform/resources/bot-v3/bots-context#rest-api-example) Let me know if this doesn't help you – Trinetra-MSFT Mar 11 '20 at 11:43
  • @RDX, are you happy to close this out, now that it's working? – Hilton Giesenow Mar 15 '20 at 15:28
  • @HiltonGiesenow Thank-you so much for your timely help on this. I was able to fetch the roster details!! – Rohit Mar 16 '20 at 04:39
2

You must install your bot as an app in a team before you can call this API. Sending it messages via a webhook does not count. It must be an app installed in the team. Because the bot is retrieving personal information, it needs to be added to that context before the API will work.

See:

Andrew Clear
  • 7,910
  • 5
  • 27
  • 35