Skip to main content

Notifications

Power Automate - Using Connectors
Answered

Teams tab creation through Graph API (Missing role permissions on the request)

(0) ShareShare
ReportReport
Posted on by

Hi all,

 

I've been trying to add OneNote as a tab to all newly created channels within teams. I'm using REST API calls as per tutorial I can no longer find. I've got an app registered in AAD with the following permissions:

Screenshot 2021-11-18 115942.png

 

I need to use delegated (work account) permissions due to company rules. 

 

I've tried calling the API using two ways of authorization: 

AD OAuth in advanced options of the connector like this:

vivaldi_OHDi5o1wGh.png

And getting the token separately before and attaching it as header with the request:

vivaldi_ZEHixwMDQa.png

 

 

(Please ignore the body of the tab for now, it was copied straight from the tutorial - unless it could mess with permissions?)

 

Both ways I'm getting a 403 error:  

 

Missing role permissions on the request. API requires one of 'TeamsTab.Create, TeamsTab.ReadWriteForTeam.All, TeamsTab.ReadWrite.All, Group.ReadWrite.All, Directory.ReadWrite.All, TeamsTab.Create.Group'. Roles on the request ''. Resource specific consent grants on the request ''.

 

 

Honestly no idea what I'm doing wrong. Something else I need to add to the app registration? Does it not actually work with delegated permissions (even though the documentation says it should)?

 

I've looked around and could not find anything very relevant so I'll appreciate any help!

  • DBaker1 Profile Picture
    DBaker1 20 on at
    Re: Teams tab creation through Graph API (Missing role permissions on the request)

    I as able to use this connector to get the delegated permissions to work and create a tab in a Team.

    DBaker1_0-1647480565108.png

     

  • Verified answer
    Re: Teams tab creation through Graph API (Missing role permissions on the request)

    Hi @Pokora22 ,

     

    If you use http action , you need to use application permission rather than delegated permission.

    If you want to use delegated permission, you should create a custom connector instead of using http action.

    The steps to create a custom connector are similar to http action , and they require similar parameters.

     

    Best Regards,

    Wearsky

Under review

Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.

Helpful resources

Quick Links

Microsoft Kickstarter Events…

Register for Microsoft Kickstarter Events…

Announcing Our 2025 Season 1 Super Users!

A new season of Super Users has arrived, and we are so grateful for the daily…

Announcing Forum Attachment Improvements!

We're excited to announce that attachments for replies in forums and improved…

Leaderboard

#1
WarrenBelz Profile Picture

WarrenBelz 145,691

#2
RandyHayes Profile Picture

RandyHayes 76,287

#3
Pstork1 Profile Picture

Pstork1 65,019

Leaderboard

Featured topics