Objective: Subscribe a listener application to receive all ‘chat message’ events in the team/ channel for which the subscription has been created (or renewed).
We are using the Graph Subscribe API to read all Team chat messages, our understanding is that we would need to create an Azure app for this (as opposed to a plain-vanilla Teams Bot app using Bot API). Questions:
a) Does the Microsoft authorization hierarchy allow an Azure app to read Team chat messages from Microsoft accounts that are not part of the same Azure account/ tenant? What are the pre-requisites to do so?
b) Can such an app be published to the Teams marketplace? We would prefer this to improve the discoverability of the app across all organizations that use Teams, including those that do not have an Azure account.
c) Graph Subscribe API to read all Team chat messages requires the subscription to be renewed every 60 minutes. This makes the solution complex and prone to breakdown. Is there an alternate solution using which the subscription can be configured to be in non-expiry mode?
Error message we are getting while subscribing with POST - https://graph.microsoft.com/beta/subscriptions:
Operation: Create; Exception: [Status Code: Forbidden; Reason: Required permissions to access tenant-wide channel message subscription ('ChannelMessage.Read.All') is missing.]
This is when using the Bearer token generated from the common endpoint that we used with our Organizational account.
We also tried to give app roles like: https://docs.microsoft.com/en-us/azure/active-directory/develop/howto-add-app-roles-in-azure-ad-apps
but it doesn't work either.