How can a MS Teams admin install custom apps to their users so that I receive conversation_id of all their users - microsoft-graph-api

I am building a custom app for MS Teams that sends Proactive chat messages to the users of each of the teams. When I give the app to the teams admin, they will publish the app, but I am not sure how the admin will install for their users, so that I receive conversation_id of all the users in their teams after it has been installed.
I am aware that it is possible through Graph API and am looking to eliminate the app installation through Graph API.

It's possible for an admin to do this using the Teams Admin section in the Microsoft 365 Tenant Admin screens. Specifically, you're wanting to set up something called "App Setup Policies". See here for more: https://learn.microsoft.com/en-us/microsoftteams/teams-app-setup-policies#create-a-custom-app-setup-policy
Using these policies, admins can pre-install the app, and can even pin it on the left menu. They can also choose to do this for all users, or just a specified group.
To be clear though, this will install the app to the users in a -personal- context - it will NOT install the app to any -actual- Teams / Channels or Group Chats - you'd need to use Graph for that, and even then it will only be able to install to -existing- Channels or Chats and won't automatically cover new ones added after that, if that's what you were trying to achieve.

Related

How do you automatically look up Microsoft teams app tenant id

We have created a Microsoft Teams tab app with bot integration that we want to distribute to various organizations either manually or via an App Store. In summary,
We created Tabs App with Microsoft Bot using node.js botbuilder package.
We provided zip archive to another organization (another tenant Id).
Organization uploaded our app using Microsoft Teams Admin panel and approved permission in Permission tabs.
Question is how can we receive the tenant id from the organization we are deploying to without asking their admins to go to Azure Active Directory and look it up. Once provided, the graph api and the multi tenant bot does work fine. We are trying to avoid asking their admin to provide us the tenant id and want to retrieve it automatically upon the app being uploaded or on startup.
Thank you.
The best place to get the tenant id is from the access token you are provided by logging in to your app. Look for the 'tid' value.
I'm assuming you are talking about streamlining the company-wide admin consent for your application.
What you can do is have a web site that a customer's admin can log into (using the standard Microsoft OAuth interactive flow). You can then pull the Tenant ID from the access token and then run through the Microsoft consent process. Once the consent process has redirected back to your web site, you can do your own customer onboarding if required.
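An added example (not code from the posters) of reading `tid` only after the token has been validated, since an unverified `tid` would let a caller onboard as any tenant. It assumes a v2.0 token issued for your own app registration; `CLIENT_ID`, the tenant GUIDs and the locally generated key pair are constructed placeholders, and in production the verification key is selected from Microsoft's published signing keys.

```javascript
const crypto = require('node:crypto');

const b64url = (data) => Buffer.from(data).toString('base64url');
const CLIENT_ID = '11111111-1111-1111-1111-111111111111'; // constructed placeholder

// Returns the tenant ID, or throws if the token must not be trusted.
function tenantIdFromToken(token, publicKey, nowSec = Math.floor(Date.now() / 1000)) {
  const parts = token.split('.');
  if (parts.length !== 3) throw new Error('malformed token');
  const [h, p, s] = parts;
  const header = JSON.parse(Buffer.from(h, 'base64url').toString('utf8'));
  // Pin the algorithm so "none" or an HMAC downgrade is never accepted.
  if (header.alg !== 'RS256') throw new Error('unexpected alg');
  const signed = Buffer.from(`${h}.${p}`);
  const sig = Buffer.from(s, 'base64url');
  if (!crypto.verify('RSA-SHA256', signed, publicKey, sig)) throw new Error('bad signature');

  const claims = JSON.parse(Buffer.from(p, 'base64url').toString('utf8'));
  if (claims.aud !== CLIENT_ID) throw new Error('token was issued for another app');
  if (typeof claims.exp !== 'number' || claims.exp <= nowSec) throw new Error('expired');
  // Multi-tenant check: the issuer must name the same tenant as the tid claim.
  const expectedIss = `https://login.microsoftonline.com/${claims.tid}/v2.0`;
  if (claims.iss !== expectedIss) throw new Error('issuer does not match tid');
  return claims.tid;
}

// Constructed sample input: a local RSA key stands in for the real signing key.
const { publicKey, privateKey } = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
function makeToken(claims, header = { alg: 'RS256', typ: 'JWT' }) {
  const input = `${b64url(JSON.stringify(header))}.${b64url(JSON.stringify(claims))}`;
  return `${input}.${b64url(crypto.sign('RSA-SHA256', Buffer.from(input), privateKey))}`;
}
```
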

Is there any way to get user id/conversation reference to proactively message user on teams if installation event wasn't captured

Looking for the best course of action that would have the least impact on users to be able to proactively message users with the Teams app (bot) installed but where they have not messaged the bot and the conversation reference was not captured at time of install.
The scenario is that I have an enterprise bot that has been operational for over 3 years servicing 10s of thousands of employees. The bot is auto installed for all users in the tenant, but conversation references were only being stored in the last 2/3's of the application's life, and the install event was not being captured until recently. This was not an issue in the past as all proactive functionality was predicated on some interaction with the bot.
I now have a need to be able to proactively message all users within the tenant regardless of whether they have messaged the bot or not, or if they last messaged the bot before conversation references were being stored. There is only a small subset of users that fall into this category.
Hoping there is some way to generate a conversation update, be it through Graph or other means. The installationUpdate event through app update seemed promising, as I can update the application, but it seems to be triggered only if the bot is added or removed.
Review the information provided here: https://learn.microsoft.com/en-us/microsoftteams/platform/graph-api/proactive-bots-and-messages/graph-proactive-bots-and-messages?tabs=dotnet
Here is what we do:
If we have the conversation ID in our cache/persistent store, we use it to send the message.
If we don't have it, we use GET https://graph.microsoft.com/v1.0/users/{user-id}/teamwork/installedApps/{teamsAppInstallationId}/chat to get the chat ID (the app ID here is not the bot application ID, but the ID generated when the app is installed in the org app store and is available from the Teams Admin interface).
If the user does not have our app installed, we install the app using the teamsAppInstallationId ID. This automatically generates an event without user intervention that is sent to the bot, which you can then use to capture the conversation ID.
POST /users/{user-id | user-principal-name}/teamwork/installedApps
This approach does require an Application Permission: TeamsAppInstallation.ReadWriteSelfForUser.All
You might look into using the List Teams functionality in the Graph API. You can use Graph to get teams and list their members, assuming you can grant your bot the necessary permissions. There are many features in the Graph API which might help you accomplish this.
To send a proactive message to a user, the bot requires the conversation reference. The conversation can only be retrieved when the bot is installed.
Without a conversation reference you cannot send a proactive message using the bot.
You can use the Send message in a chat API to send a message to a chat with delegated permissions.
Could you please raise a uservoice for your case?
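The cache, look-up, install sequence described in the answers above, as an added example that is not code from any of the posters. `graph` is a hypothetical injected helper that sends an app-only token and resolves to `{ status, json }`, `catalogAppId` stands for the app's ID in the org catalog, the `$expand`/`$filter` listing step is how this example finds the per-user installation ID, and `fakeGraph` is a constructed in-memory stand-in so the flow runs offline.

```javascript
const GRAPH = 'https://graph.microsoft.com/v1.0';

// Resolves the 1:1 chat ID for a user: cache first, then Graph, then install.
async function resolveChatId(userId, catalogAppId, cache, graph) {
  if (cache.has(userId)) return { chatId: cache.get(userId), source: 'cache' };

  const base = `${GRAPH}/users/${encodeURIComponent(userId)}/teamwork/installedApps`;
  const query = `?$expand=teamsApp&$filter=teamsApp/id eq '${catalogAppId}'`;
  const list = await graph('GET', base + query);
  if (list.status !== 200) throw new Error(`list installedApps failed: ${list.status}`);

  const installed = list.json.value[0];
  if (installed) {
    const chat = await graph('GET', `${base}/${installed.id}/chat`);
    if (chat.status !== 200) throw new Error(`get chat failed: ${chat.status}`);
    cache.set(userId, chat.json.id);
    return { chatId: chat.json.id, source: 'graph' };
  }

  // Not installed: install for the user. Teams then sends the bot an event
  // carrying the conversation ID, so the bot handler fills the cache later.
  const res = await graph('POST', base, {
    'teamsApp@odata.bind': `${GRAPH}/appCatalogs/teamsApps/${catalogAppId}`,
  });
  if (res.status !== 201) throw new Error(`install failed: ${res.status}`);
  return { chatId: null, source: 'install-requested' };
}

// Constructed stand-in for Graph. installs: userId -> { id, chatId }
function fakeGraph(installs) {
  return async (method, url) => {
    const userId = decodeURIComponent(url.split('/users/')[1].split('/')[0]);
    const inst = installs.get(userId);
    if (method === 'POST') {
      installs.set(userId, { id: 'inst-new', chatId: '19:constructed-new' });
      return { status: 201, json: {} };
    }
    if (url.endsWith('/chat')) {
      return inst ? { status: 200, json: { id: inst.chatId } } : { status: 404, json: {} };
    }
    return { status: 200, json: { value: inst ? [{ id: inst.id }] : [] } };
  };
}
```

TeamsAppInstallation.ReadWriteSelfForUser.All only lets the app manage its own installation for users, so it is enough for this flow.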

MS Graph API Authentication | MS Teams | Bot framework

I am new to bot development. I am working on creating a MS Teams bot using bot framework. The bot will be installed in ‘Personal’ scope in Teams, and it doesn’t have any tab / messaging extension etc. Once installed, I want to get the list of all the members/ channels/ Notification updates (i.e. members added/deleted etc.). As per the different documentation, I can get the list using Graph API.
List members of team - Microsoft Graph v1.0 | Microsoft Docs
List members of a channel - Microsoft Graph v1.0 | Microsoft Docs
To achieve this, I need the token that will be passed in API. I am not sure how to implement that. I have followed the instructions mentioned in Add authentication to a bot in Bot Framework SDK - Bot Service | Microsoft Docs. There was a step to add ‘Add OAuth Connection Settings’ and there were multiple options in ‘Service Provider’. I selected ‘Azure Active Directory v2’. After doing that, it works and I can get the token, but it only works if during login, I use my Azure directory credentials. I have a Microsoft account linked with my MS Teams which is different than the Azure account. A user in a team can have a Microsoft account / work / office account so this needs to work for everyone, so what would be the correct ‘Service Provider’ option that will work for all accounts?
I was thinking that the flow should be like:
When the user clicks on the ‘Add’ button to install the app in Teams
Once added, bot will prompt for Graph API permission using OAuth.
Once user gives the permission, I can use the token to call graph APIs.
I have also looked at the following tutorials:
How to use Bot Framework Composer to build low-code Microsoft Teams bots (Part 1)
Get user profile information in your Microsoft Teams bot with Microsoft Graph (Part 2) - YouTube
But after performing all the steps, when I try to login, it says – ‘This action can't be performed since the app does not exist or has been uninstalled.’.
I am not getting a clear approach on how to proceed with it.
As @Maxim has also suggested, if you want to have a bot that should run multitenant you need to put tenant Id as common in OAuth Setting in Azure bot. As the value suggests, it isn't going to be specific to a single tenant, and Redirect Uri should be set to https://token.botframework.com/.auth/web/redirect in app registration.
This is it, you don't need to add anything.
This is also mentioned in the doc --
We have some samples around it as well that show how to use Graph API with the bot -
https://github.com/microsoft/BotBuilder-Samples/tree/main/samples/csharp_dotnetcore/24.bot-authentication-msgraph
You can set up this one and update the Graph calls to get members of a team or channels.

How to remove chat history from a Microsoft Teams Client running in Kiosk Mode?

On a Kiosk running a Windows PC in a reception area type setting, we would like to run a Microsoft Teams client which can be used to interact with another Teams App (Bot) or a Teams User.
We can assign a generic Windows/Azure AD ID so that the Kiosk Windows PC is auto logged in with that ID and then consequently logs into Microsoft Teams with that generic ID (Reception24Kiosk@customer.com for example).
A visitor walks up to the Kiosk. They can then use the already running Teams client to start a chat with the Teams App (bot) or another Teams User.
As Teams client history is persistent, how do we clean up any chat history in the Teams client so that the NEXT walk up visitor who uses the Kiosk PC cannot see previous chat messages in the Teams client?
We are aware of Teams retention policies and a custom policy could be created for auto deletion but that seems to be measured in number of days. That is too long with this application.
Any way to clear out the chat history on each login to the Teams client (in which case we can somehow force logout the user after each walk up) or another way to reduce the chat history retention to a few minutes?
We have looked at the Microsoft Graph as well, and could not find a way to delete an entire 1:1 chat for a user (even with Delegated permissions)
Any other suggestions from admins who have tried to use Teams in the Kiosk Mode with a generic ID?
Teams client chat history is persistent. There is no provision to clear out the history on each login. There is a Teams retention policy for auto-deletion, but as it is measured in number of days, that won't be applicable for your application as you mentioned.

Uninstall ms teams app / bot for a user ( bot framework bot )

Is it possible to uninstall a bot for a user in MS Teams using some MS Graph API or any other method? We have a user who is not able to talk to a bot in Teams. It used to work before, but lately every message the user types runs into an error. So we were thinking to delete / uninstall the bot for that user and have him install it again.
There is an endpoint that you should be able to use for this: https://learn.microsoft.com/en-us/graph/api/userteamwork-delete-installedapps?view=graph-rest-1.0&tabs=http . Would it not be easier to just have the user uninstall the app in Teams though (right click on the app's icon and select 'Uninstall')?
That said, I don't know if it would help - it sounds like something else might be wrong. Is this the only user having the issue? If everyone is seeing it, you should check if the Teams 'Channel' is enabled in the Bot's settings in the Azure resource (here's more info: https://learn.microsoft.com/en-us/azure/bot-service/bot-service-manage-channels?view=azure-bot-service-4.0).
