Microsoft Teams Graph API 在未经管理员同意的情况下获取用户所属的团队？

Question

I want to get a list of teams for a given user without needing admin_consent . Is this possible? I assumed that if a user consents to an application and I get an access token for them that I would be able to request information scoped to that single user, like what teams they are a part of.

But after looking at the api permissions /me/joinedTeams it looks like admin_consent is needed for all of them, which is problematic.

Answer 1

Turns out due to some API weirdness you can use /me/memberOf without admin_consent to at least get the ID's of all teams the user has permissions to.

/me/joinedTeams however will just return a 403 Forbidden .

Also if you want to map the "external"? id for a team returned from /me/memberOf to the "internal" id that a Teams message will have (begins with 19: ) you can still use the /teams/{id} endpoint also without any admin credentials to get just the internal ID for the team.

Answer 2

To get the the teams the user is a member of is possible from application as well

URL-> https://graph.microsoft.com/v1.0/users/{{UserId}}/joinedTeams

Authorization -> BEARER {{AppAccessToken}}

To get the app access token

URL -> https://login.microsoftonline.com/{{TenantID}}/oauth2/v2.0/token

Body-> x-www-urlform-encoded

grant_type-> client_credentials

client_id -> {{ClientID}}

client_secret -> {{ClientSecret}}

scope -> https://graph.microsoft.com/.default

you will need you app to have permission

1- > teams.setting.user.all

2 -> teams.read.basic.all

see if some other permissions are also required But this worked for me.