The organization that I work for previously used Slack as our collaboration tool. With Slack, I was able to register an app in the workspace and use the provided access tokens to invoke the API to send a message to a user from our external web application. It was very straightforward. There was no intermediate app that needed to be coded to enable this messaging.
Recently, we've transitioned from Slack to MS Teams, and in looking over the Graph API documentation, there does not currently appear to be a way to proactively send a message from an external application to a user. The available permissions for the chatMessage endpoint indicate the availability of only a delegated permission to send a message on behalf of a specific user; no permission exists to send a message on behalf of an external application.
Is it possible to use the Graph API to directly send a message from an external application to a user? Or must a bot application be created in order to achieve this?
It must be a bot application to achieve above mentioned requirement. ChatMessage endpoint works to send a message on behalf of user only.
Related
I want to build a Microsoft teams messaging bot for sending/receiving messages. For my app, I noticed that I had to add application level API permissions for chat read/write scopes and get them approved in order to send bot messages to users.
However, I noticed that installing an app from the Microsoft teams app store (like Stack overflow for teams) worked right out of the box. It didn't require any additional approvals, etc. for their bot to send me a message.
My question is:
What permissions are required/bundled in that can allow bot to send user a message after user installs/adds app?
Trying to send out chat message from Bot with sender as a current logged in user. I am able to implement this with graph api using On Behalf of flow. However the API is still in Beta and don't think we can use it in production setting.
https://learn.microsoft.com/en-us/graph/api/chat-post-message?view=graph-rest-beta&tabs=http
Is there a different way? Can we use ConnectorClient? Tried this, but the chat message is sent by the bot instead of the current logged in user. I am not able to create user token with botframework.com. It is always bot or the registered app.
Do anyone know if there is a way to accomplish this avoiding the graph beta api?
Is there a way to send a message on behalf of a user either in private chat or channel. In my case, the admin gives both application and delegated permission for the app. When the admin is part of the chat/channel, the messages are delivered correctly using MS Graph API but when the chat happens between 2 other signed-in users where the admin is not involved, I am not able to send the message as any of the user. I get UnknownError/Unauthorized since the token which is generated is related to admin user.
If we cannot send a message on behalf of a user using MS Graph is there any other way to achieve this. Can MS Bot take care of this scenario? Will each user have to install the bot so that it can send the message even if the Bot is not part of the conversation?
If we cannot send a message on behalf of a user using MS Graph is
there any other way to achieve this.
You can send chat message using Graph APIs. To send message on behalf of a user, your app must get consent from each individual users. Application permission is currently not supported.
Will each user have to install the bot so that it can send the message
even if the Bot is not part of the conversation?
It's a good idea to build Bot and send notifications instead of sending it from one of the user's account. You can use Proactive message to send message. In order to send message, your Bot needs to be installed for each user.
Could you please elaborate more on scenario? Are you looking for something similar to Company Communicator?
Design
Outlook Add-in that shows sales specific information based on the message (content, sender, etc)
Daemon that subscribes to new messages for the sales team and processes messages as they come in. Runs with application authentication
Scenario
We are developing a multi-tenant add-in that show sales specific information based on the email they are viewing. Since the sales team may be a single person, group or multiple people.
Question
How would the daemon running as an application use the graph to pull in users assigned to it?
Office 365 Admin Screenshot
You would need an Azure AD Application registered with Mail.Read persmissions. The add-in would sign in as the user. Then have the add-in subscribe to the users mailbox on the users behalf. The subscription would include the URL of a backend web api that Microsoft Graph subscription service would call.
You would need to register a new Azure AD Application (if you don't have one created already) for the backend web api. Then you would want to grant the correct permissions scopes to it. For your scenario you would require each tenant to admin consent this application, because you would need access to messages in many users mailboxes using application permission Mail.Read. The reason for this is because the webhook does not call your web api with any user token that you could use to then actual fetch the details of the message.
More info on change notifications (webhooks) is here https://learn.microsoft.com/en-us/graph/webhooks
I have a private slack application (developed by user 'X' from team 'XT')
I have a web server knows how to complete the Oauth process and generate tokens per teams
Now- as a user Y from team YT I am installing the slack app on my YT team and get a token,
using that token I perform API call for channels.create ,
I got into my team (aka YT) and indeed I see that the channel was created ,
BUT
it's written that the channel was created by the specific user that installed the slack app, meaning user Y.
I would expect to see that channel was created by the application not by specific user.
Is there any way to do that ?
thought about using bot token (got from the app instllation) but channels.create cannot be performed by a bot
I am afraid there is no solution for your problem. Every "write" action on Slack has to be attached to either a bot or a user. And since channels.create can not be used by a bot, it has to be a user.
The master access token of your Slack app is linked to the user that installed it, which is why that user will appear as creator of the channel when you use it.
I use a generic admin user ("slackadmin") for that purpose on my own Slack, but that will of course not work as general solution for each Slack team that want to install your app from the Slack App Directory.