We're developing a connector that creates actionable outlook messages for external users. I.E. This is a service. Can anyone please help with the below example? We're getting an error for the external users when they try to action the message by clicking on one of the action buttons.
Example:
User A is on the tenant that registered the connector - Tenant A,
User B is on another Office 365 tenant, Tenant B.
We've created an Office 365 connector targeting the user's "Inbox"
The connector has not been published to the store but is still in dev.
So to be clear we're not implementing our solution using "Actionable Email".
We can create the actionable message for both User A and B, no problems so both users get the email. But only User A ( on the tenant that registered the connector ) can click an Action button from Outlook. User B gets the error message:
"Target URL 'https://nameomitted.com/method' is not allowed"
We are not receiving anything at our web server end from the call. The console error from the browser when clicking the action button is:
So the error is generated from Microsoft internally.
Can we only send to users in the same tenant as the one that registered the connector until we've published to the store? That seems restrictive for development.
Any help is greatly appreciated.
Is your connector's registration pending or approved?
Pending connector's functionality is limited. Most cross tenant operations are blocked.
In my case, I was using a different URL which was not registered in the Provider. If both the end points (in the provider & in the Adaptive Card JSON) match, then only it will work.
Related
I have created a Calling Azure Bot which is registered with tenant A. The bot got admin consent from tenant B to make/join calls (Application permissions: Calls.AccessMedia.All, Calls.Initiate.All, Calls.InitiateGroupCall.All, Calls.JoinGroupCall.All, Calls.JoinGroupCallAsGuest.All, OnlineMeetings.Read.All and OnlineMeetings.ReadWrite.All).
When a user of tenant B schedules an online meeting, I'm able to join this meeting with my bot from a small .NET app using the Microsoft.Graph, Microsoft.Graph.Communications.Calls and Microsoft.Graph.Auth NuGets.
I'm also able to invite additional participants from tenant B to the ongoing meeting with Graph API /communications/calls[<callId>]/participants/invite. But when I try to invite a user from tenant A or any other tenant, the call to invite fails with the following error:
Error occurred: Status Code: Forbidden
Microsoft.Graph.ServiceException: Code: 7505
Message: Request authorization tenant mismatch.
Why does this error occur and how can I fix it?
Does the Graph API support this scenario at all?
If not, are there any plans to support it in the future?
Any help would be very much appreciated.
Seems like this is not supported by Microsoft and there are also no plans to support it in the near future. See https://github.com/microsoftgraph/microsoft-graph-comms-samples/issues/144
I've been tasked with a project to get attendance information from specific types of Teams. I have a service account that is already a member of these Teams, however it is unable to access an endpoint needed to resolve JoinWebUrls to meetingIDs (See example #3, 'Retrieve an online meeting by JoinWebUrl').
I have done the following thus far:
Create a new App Registration and assigning it 'OnlineMeetings.Read.All' as an Application permission (this process needs to run as a script, meaning that Delegate permissions won't work here)
Create a new Application Access Policy, assigned the aforementioned App Registration's App ID to it, and granted it to the service account.
Signed into MS Graph as the service account (using the 'password' grant_type) and retrieved the 'events' within the Team (via /v1.0/groups/$GroupID/events)
Extracted the JoinWebURL parameter from each of those events.
Step 5 would be to resolve the meetingID from the JoinWebURL, however when I all of the following requests fail:
GET /v1.0/me/onlineMeetings?$filter=JoinWebUrl eq '$JoinWebURL' (as the service account, which should be able to interact with the meeting)
GET /v1.0/users/$ServiceAccountObjectID/onlineMeetings?$filter=JoinWebUrl eq '$JoinWebURL' (as the service account to access it's own object's meetings, however this does seem to be the endpoint for Application permissions rather than Delegate permissions)
GET /v1.0/users/$ServiceAccountObjectID/onlineMeetings?$filter=JoinWebUrl eq '$JoinWebURL' (using the App Registration mentioned earlier, signing in with the 'client_credentials' grant_type)
GET /v1.0/me/onlineMeetings?$filter=JoinWebUrl eq '$JoinWebURL' (as the App Registration trying to access any meeting, however this does seem to be the endpoint for Delegate permissions rather than Application permissions)
Basically, I'm stuck. Is there something obvious that I'm missing? I'm also considering raising a support call with Microsoft, to see if the behaviour I'm experiencing is merely a bug.
Thanks in advance.
Events and online meetings are two different API's, you have created an event and trying to get online meeting details. That's the reason you are getting those errors. If you want to get event details please try this document.
I have my own bot running locally and have made it publicly accessible using ngrok
Trying to use the sandbox environment of gupshup to communicate with my bot.
Have hooked my bot using webhook (link your bot)
Have also created a BOT and configured the webhook as a callback POST to my ngrok server.
However when i try replying to a user supplied whats app message after say about 10 min using the Delayed response strategy i.e. by passing the contextobj and message via the send API (http://api.gupshup.io/sm/api/bot/{botname}/msg), I get an error stating "User Not Opted In".
Why isnt the user considered as an Active User since the messaging was initiated by the user and the send API is only replying to that message with 24 hrs ?
How do i simply give a delayed response to the user within 24hrs without forcing the user to opt-in ?
We do this all the time, however we are using the endpoint documented here:
https://www.gupshup.io/developer/docs/bot-platform/guide/whatsapp-api-documentation#OutboundMessage
You have to take the consent of user once before sending messages.
Also while using sandbox the user needs to opt in but for verified user it will be relaxed.
But still you will need to take consent of user at any place (your site, your terms and conditions or anywhere) before sending him anything for the record purposes so that they cannot claim that you are spamming them without consent.
I have an Outlook Office-JS addin that adds what is basically a third-party send via an addin command button. In the background, this does some processing on the draft message then sends it via the Office365 / Graph send API: https://developer.microsoft.com/en-us/graph/docs/api-reference/v1.0/api/message_send
I've verified when I do send the message from the backend component of my app, I do see that the e.g. reply headers are set correctly, but apparently this isn't enough to set the parent message as replied / forwarded in Outlook.
Given that, I'd like to manually set the parent message as replied to / forwarded when sending. From reading other posts it looks like the following attributes https://learn.microsoft.com/en-us/office/client-developer/outlook/mapi/pidtaglastverbexecuted-canonical-property could help me do that.
However, I'm not sure how to identity a draft message on either the Office-JS side or via the Graph API as a reply / forwarded email, nor do I know how to get the parent message (original email replied to / forwarded) handle or ID.
Currently you cannot get the state of a draft or the parent ID with Office JS. What is your scenario for saving a message as a draft and then sending with Graph? We track Outlook add-in feature requests on ourĀ user-voice page. Please add your request there. Feature requests on user-voice are considered when we go through our planning process.
I've tried to do a simple azure logic app. I'm using the office 365 connector and an email trigger of "When_a_new_email_arrives" (https://azure.microsoft.com/en-us/documentation/articles/connectors-create-api-office365-outlook/#when-a-new-email-arrives). It seems to work if I send an email to the target account, push the trigger. At least when matched between azure login & office 365 mailbox (i.e. both uses the same id xxx#company.com)
However, if the mailbox belongs to another user say yyy#company.com it doesn't seem to work even though it is "authorized". The trigger always comes back as 'skipped'. I think I'm getting to the correct mailbox because if I say a different source folder that does not exist in the target mailbox I do get an error.
Any ideas on how to troubleshoot?
You can only work with one account with the Office 365 Connector Api.
The only account you can use is the one you logged in with.
I walked away from this and tried it again and it worked straight away. So, I believe this was a bug, as it now works with only me doing an "authorize" again (something I had previously done).
The answer that it can't be done is incorrect.