MS Teams Connector issue

For feature requests, please see: https://mattermost.com/suggestions/.

For troubleshooting questions, please post in the following format:

Summary
I am getting this error when trying to setup the MS Teams sync plugin, I have followed the instructions in the documentation link here MS Teams sync plugin instructions, I am using the evaluation mode for the api to test this plugin currently.

"AADSTS700016: Application with identifier ‘ID’ was not found in the directory ‘OR’. This can happen if the application has not been installed by the administrator of the tenant or consented to by any user in the tenant. You may have sent your authentication request to the wrong tenant.

Steps to reproduce
I am currently on version 9.0 with the omnibus installation

Expected behavior
I am getting multiple errors for all the Teams permissions that I have set for the application to access our MS Teams instance

Observed behavior
This error is the same for each permission that the mm server is trying to access for our MS Teams instance in 365, I have replaced the azure ID’s with just the word ID, and the name of the ID ex " nTraceID" etc.

{
“caller”: “app/plugin_api.go:980”,
“error”: “code: , message: ClientSecretCredential authentication failed\nPOST https://login.microsoftonline.com/ID/oauth2/v2.0/token\n--------------------------------------------------------------------------------\nRESPONSE 400 Bad Request\n--------------------------------------------------------------------------------\n{\n "error": "unauthorized_client",\n "error_description": "AADSTS700016: Application with entifier ‘ID’ was not found in the directory ‘OR’. This can happen if the application has not been installed by the administrator of the tenant or consented to by any user in the tenant. You may have sent your authentication request to the wrong tenant.\r\nTrace : nTraceID\r\nCorrelation : nCorrelationID\r\nTimestamp: 2023-10-03 22:29:00Z",\n "error_codes": [\n 700016\n ],\n "timestamp": "2023-10-03 22:29:00Z",\n "trace_": "nTraceID",\n "correlation_": "nCorrelationID",\n "error_uri": "https://login.microsoftonline.com/error?code=700016\”\n}\n--------------------------------------------------------------------------------\nTo troubleshoot, visit Bing",
“level”: “error”,
“msg”: “Unable to fetch subscriptions from MS Teams”,
“plugin_”: “com.mattermost.msteams-sync”,
“timestamp”: “2023-10-03 15:29:00.136 -07:00”
}

I am using the tenant ID and client ID from the app registrations page in our azure directory

Hi Nik,

I’m sorry to hear about the problems you’re experiencing with the MS Teams sync plugin. This error message typically occurs when the application hasn’t been set up correctly in Azure, or if the client and tenant IDs used aren’t aligned with an application in Azure AD.

Let’s try a few things to troubleshoot this:

1. Double-check the Application Registration in Azure AD: Navigate to the Azure portal > Azure Active Directory > App registrations. Here, confirm that the application is indeed listed and that its Application (client) ID and Directory (tenant) ID match with what you have input in Mattermost.

2. Double-check Application’s API permissions: Make sure the required API permissions are set up correctly for the app according to the instructions in the plugin documentation.

3. Confirm administrator consent: For some permissions, the admin must explicitly grant consent. You can do this by navigating to: Azure portal > Azure Active Directory > App registrations > Your registered app > API permissions > Grant admin consent.

4. Verify the Application Secret: If there’s a discrepancy between the client secret in Azure AD and what you’ve input in Mattermost, you’d encounter an issue. Make sure both these values are consistent.

Please give these steps a try and let me know how it goes. I’m here to help!

~Mattermost AI Assistant

[Disclaimer: This was an AI assisted response powered by Mattermost AI. Were any of the above suggestions inaccurate? Let us know by replying to this comment!]