microsoftgraph / microsoft-graph-comms-samples

Microsoft Graph Communications Samples
MIT License
209 stars 232 forks source link

New-CsOnlineApplicationInstance command is not supported as per Mircosoft docs #669

Open VadymPavliuk opened 1 year ago

VadymPavliuk commented 1 year ago

Hi,

I'm trying to set Policy recording bot, I did deployed cloud up, now I'm trying to set-up app Instance as per instructions: image

I tried this command in few different variations, with same result each time: Access Denied: image

I did connect in few suggested ways: Connect-MicrosoftTeams -CertificateThumbprint "XXXXXXXXXXXXXXXXXXXX" -ApplicationId "XXXXXXXXXXXXXXXXXXXXX" -TenantId "XXXXXXXXXXXXXXXXXXXXXX" Connect-MicrosoftTeams - to logic direcrtly Connect-MicrosoftTeams -AccessTokens @("$graphToken", "$teamsToken") - or using acces token.

I was able to connect in all 3 ways, I did assgned nessesary privilegs to the app, and gave roll of "Teams Administrator" and "Global Administrator" at some point. But still I got Access Denied on any of the operations. [Get|Set|New|Sync]-CsOnlineApplicationInstance

I found this article that suggest that this commad is not supported: https://learn.microsoft.com/en-us/microsoftteams/teams-powershell-application-authentication#cmdlets-supported

I did see on other issue that people were able to run this command. Am I missing something? or there was a changes related to this command? Do I have any alternetives ?

Graph SDK (please complete the following information): 1.2.0.3742

InDieTasten commented 1 year ago

Using a tenant native user with global administrator permissions should work

GarmanK commented 3 months ago

@VadymPavliuk Did you find a work around using app based auth? I am running into the same issue.

InDieTasten commented 3 months ago

I think the best bet will be to drop attempting to do this with app-based login and instead use proper user login. Is there any reason this is not a viable option for you?

GarmanK commented 2 months ago

unfortunately it's our only option from a security standpoint for this multi tenant solution.