page_type | description | products | languages | extensions | urlFragment | ||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
sample |
Shows how to request RSC permissions, use them to call Microsoft Graph, and how to enumerate permission grants through teams tab. |
|
|
|
officedev-microsoft-teams-samples-graph-rsc-nodeJs |
This sample illustrates you can use Resource Specific Consent to call Graph API.
- Tabs
- RSC Permissions
Please find below demo manifest which is deployed on Microsoft Azure and you can try it yourself by uploading the app package (.zip file link below) to your teams and/or as a personal app. (Sideloading must be enabled for your tenant, see steps here).
RSC with Graph API: Manifest
- NodeJS version v16.14.2 or Higher Version
- dev tunnel or ngrok latest version or equivalent tunnelling solution
- M365 developer account or access to a Teams account with the appropriate permissions to install an app.
- Teams Toolkit for VS Code or TeamsFx CLI
The simplest way to run this sample in Teams is to use Teams Toolkit for Visual Studio Code.
- Ensure you have downloaded and installed Visual Studio Code
- Install the Teams Toolkit extension
- Select File > Open Folder in VS Code and choose this samples directory from the repo
- Using the extension, sign in with your Microsoft 365 account where you have permissions to upload custom apps
- Select Debug > Start Debugging or F5 to run the app in a Teams web client.
- In the browser that launches, select the Add button to install the app to Teams.
If you do not have permission to upload custom apps (sideloading), Teams Toolkit will recommend creating and using a Microsoft 365 Developer Program account - a free program to get your own dev environment sandbox that includes Teams.
- Register your app with Microsoft identity platform via the Azure AD portal (Microsoft Entra ID app registration in Azure portal)
- Your app must be registered in the Azure AD portal to integrate with the Microsoft identity platform and call Microsoft Graph APIs. See Register an application with the Microsoft identity platform.
Note - Make sure you have added TeamsAppInstallation.ReadForUser.All
as Application level permission for the app.
-
Clone the repository
git clone https://github.com/OfficeDev/Microsoft-Teams-Samples.git
-
In a terminal, navigate to
samples/graph-rsc/nodejs
-
Install modules
npm install
-
Run ngrok - point to port 3978
ngrok http 3978 --host-header="localhost:3978"
Alternatively, you can also use the
dev tunnels
. Please follow Create and host a dev tunnel and host the tunnel with anonymous user access command as shown below:devtunnel host -p 3978 --allow-anonymous
-
Update the
.env
file configuration (ClientId, ClientSecret) for the bot to use the Microsoft App Id and App Password from the Microsoft Entra ID app registration in your Azure Portal or from Bot Framework registration. (Note the App Password is referred to as the "client secret" in the azure portal and you can always create a new client secret anytime.) -
Run your bot at the command line:
npm start
-
This step is specific to Teams.
- Edit the
manifest.json
contained in theappManifest
folder to replace your Microsoft App Id (that was created when you registered your bot earlier) everywhere you see the place holder string<<app id>>
(depending on the scenario the Microsoft App Id may occur multiple times in themanifest.json
) [Your tunnel Domain]
with base Url domain. E.g. if you are using ngrok it would behttps://1234.ngrok-free.app
then your domain-name will be1234.ngrok-free.app
and if you are using dev tunnels then your domain will be like:12345.devtunnels.ms
.- Zip up the contents of the
appManifest
folder to create amanifest.zip
- Upload the
manifest.zip
to Teams (in the Apps view click "Upload a custom app")
- Edit the
- Graph RSC
- Upload app manifest file (zip file) to your team.