Error Authenticating to Teams (400) Bad Request

[alexixiv]

Expected Behavior

Bot launches without error.

Current Behavior

Error occurs "Error Authenticating to Teams... (400) Bad Request"

Possible Solution

I need to adjust my settings somewhere

Steps to Reproduce (for bugs)

I attempted to follow the steps in the documentation for setting up MS Teams PoshBot. I feel I followed all the steps correctly but I am not sure where to look to address this issue. If I had to make a guess at what is happening I would think my credentials in the backend configuration variables I put in are not correct. I have numbered the fields in the screen shot to indicate what step from the document I generated the corresponding value from:

1. Generated from section titled "Determine Your Teams ID"

2. Generated from the section titled "Service Bus", I used just the key which ends in =

3. For this one I was not sure which one to use so I tried both the keys from section "Create a Bot in Bot Framework" and the App ID from App Studio.

4. Generated from the section "Create a Bot in Bot Framework" but the steps were different as it redirected to azure portal, and I ended up created a key in the "Certificates and secrets" panel.

Context

This is my first time attempting to get this working for MS Teams. I am running Powershell ISE as admin and including "Set-ExecutionPolicy Unrestricted" just to get around any potential local permissions issues.

Your Environment

• Module version used: 0.11.8
• Operating System and PowerShell version: Windows 10, Powershell 5

[alexixiv]

I took another run at this starting from scratch and still hit the same error as above.

[brettmillerb]

Hi @alexixiv you may have some issues with your config.

Import-Module PoshBot
$pbc = New-PoshBotConfiguration
$pbc.BotAdmins = @('<AAD-USER-PRINCIPAL-NAME>')

$backendConfig = @{
    Name                = 'TeamsBackend'
    BotName             = '<BOT-NAME>'
    TeamId              = '<TEAMS-ID>'
    ServiceBusNamespace = '<SERVICE-BUS-NAMESPACE-NAME>'
    QueueName           = 'messages'
    AccessKeyName       = 'receive'
    AccessKey           = '<SAS-KEY>' | ConvertTo-SecureString -AsPlainText -Force
    Credential          = [pscredential]::new(
        '<BOT-APP-ID>',
        ('<BOT-APP-PASSWORD>' | ConvertTo-SecureString -AsPlainText -Force)
    )
}
$backend = New-PoshBotTeamsBackend -Configuration $backendConfig

$bot = New-PoshBotInstance -Configuration $pbc -Backend $backend
$bot | Start-PoshBot -Verbose

Few things worth mentioning:

• $pbc.botadmins This needs to be an AzureAD UPN of your user or someone who is going to manage poshbot, not your bot name.
• BotName in the config is as defined in Azure Bot Service, not in App Studio. Try and keep them the same name to avoid confusion

• Access key is the value you get running this from the docs.

  $key = az servicebus queue authorization-rule keys list --resource-group <RESOURCE-GROUP-NAME> \
    --namespace-name <NAMESPACE-NAME> --queue-name messages --name receive --query primaryKey --output tsv

• The credentials you use are from the App Registration within the Azure Portal > Azure Active Directory > App Registration

[alexixiv]

@brettmillerb , Thanks for the tips. I tried what you said. The two places that seemed like they needed corrections were the BotAdmins and the Bot App Password. The App ID seems correct, but I did go ahead and try the App ID found in the Azure portal as well, which still didnt work. I am getting the same error as before.

Any other suggestions... I very much want this to work.

[brettmillerb]

@alexixiv The only other thing to check would be the Bot configuration in Azure Bot Service. Did you add the teams channel for your bot?

Open your bot in azure bot service and click on channels from the pane and add teams there.

Never seen a failure when starting the bot before like that.

[Kickbut101]

If it's anything like mine you setup the bot in azure framework to be single tenant. And this causes it to be screwy and give the 400 error. Make a new bot and set to be multi-tenant. That's what fixed it for me.

@alexixiv

[stale[bot]]

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

[drenand]

If it's anything like mine you setup the bot in azure framework to be single tenant. And this causes it to be screwy and give the 400 error. Make a new bot and set to be multi-tenant. That's what fixed it for me.

@alexixiv

+1 to this solution, finally solved this error for me.