无法“列出频道消息"；Azure AD 图形 API 测试版 [英] Unable to "List channel messages" on Azure AD Graph API Beta

问题描述

当我尝试列出频道消息时，我得到:

When I try to list channel messages I get:

[...] "code": "UnknownError", "message": "Failed to execute backend request." [...]

此错误适用于我不属于的所有团队.

This error is for all teams I don't belong to.

我在尝试从 Microsoft Flow(使用 HTTP GET)和 Graph Explorer 调用 API 时遇到此错误:我使用的帐户具有 FULL 权限，但仍要求检查我的权限:

I have this error when trying to call the API from Microsoft Flow (with HTTP GET) but also with Graph Explorer: the account I used has FULL permission but still asks to check my permission:

Failure - Status Code 403, 656ms Looks like you may not have the permissions for this call. Please modify your permissions

并且注册的应用程序具有调用此端点所需的授权权限:

And the registered application has the delegated permission needed to call this endpoint regarding the documentation:

GET/teams/{id}/channels/{id}/messages

https:///docs.microsoft.com/en-us/graph/api/channel-list-messages?view=graph-rest-beta

这是因为测试版"还是我错过了什么?

Is it a bug because of the "beta" or something I've missed?

推荐答案

经过搜索和测试，我可以确认我错过了理解委派权限的工作原理.

After searching and testing I can confirm that I was miss understanding how the delegated permission works.

用户需要有阅读聊天消息的权限，这意味着用户需要至少是被通话关注的团队成员.

The user need to have the permission to read the chat message meaning that the user need to be at least a member of the team who is concerned by the call.

我通过在帐户不是成员的团队/组上进行测试来确认这一点(结果 = Satus 代码 403)，并且在团队/组中添加帐户后一切正常

I confirmed it by testing on a teams/groups where the account is not member of (result = Satus code 403) and everything is working with success after adding the account in the teams/groups

这是否意味着目前能够列出来自组织中所有团队的频道消息，我们需要每个团队都有一个唯一的帐户成员(=在 microsoft-graph 调用中使用的帐户)?

如果有人遇到同样的情况，这个视频有助于更轻松地理解这个概念:https://www.youtube.com/watch?v=UPkHvy3eRCM

if anyone faced same situation this video helps to understand more easly the concept : https://www.youtube.com/watch?v=UPkHvy3eRCM

这篇关于无法“列出频道消息"；Azure AD 图形 API 测试版的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！