Search code examples
microsoft-graph-apimicrosoft-teamsteams-toolkit

Teams Icon in Microsoft Teams Configurable Tab

I am building a teams app which is using a non-AAD based service to Authenticate. I would like to get the Teams Icon in my Configurable Tab. What are the option I have? I can not register an app, as the Teams app is going to be deployed on different tenants. Can I use microsoftTeams.authentication.getAuthToken for graph api(/teams/${teamsid}/photo/$value) without registering an app but on behalf of user ? or is there any easier way to get the teams icon.

const authTokenRequest: microsoftTeams.authentication.AuthTokenRequest = {
                successCallback: function (token: string) {
                  //const decoded: { [key: string]: any; } = jwt.decode(token);
                  //localStorage.setItem("name", decoded.name);
                  localStorage.setItem("token", token);
                   const response = await axios.get(apiConfig.endpoint + "/api/" + functionName, {
                        headers: {
                          authorization: "Bearer " + accessToken?.token || "",
                        },
                      });
                      return response.data;
                },
                failureCallback: function (error: any) {
                  console.log("Failure on getAuthToken: " + error);
                }
              };
              microsoftTeams.initialize(() => {
                microsoftTeams.getContext((r) => {
                  microsoftTeams.authentication.getAuthToken(authTokenRequest);
                });
              });

Through this I get below error: Attempting to handle auth response: error:invalid_resource|AADSTS500011: The resource principal named api://xxxxx/botid-xxxx was not found in the tenant named xxxx. This can happen if the application has not been installed by the administrator of the tenant or consented to by any user in the tenant. You might have sent your authentication request to the wrong tenant., resource:api://xxxxx/botid-xxxx, error mapped to action:resourceDisabled

Solution

  • You must have your app registered to be able to use graph API. It is absolutely no problem that the app will be installed on a different tenant, you just need to select "multitenant" option when registering the app to enable this scenario.

    As far as I understand, logo pictures / icons are considered company data, so you need user consent to get it. For this reason, the app needs to be registered, and the user (or user admin) must agree to give the app access to the team info when adding your app.