Reputation: 10372
Half a year ago we created a bot using the App Studio app from Teams. This worked well and the bot is running happily. Apparently starting 2022 App Studio "evolved":
So, this time using the new "evolved" Developer Portal, we registered a similar bot in another environment.
Just to end up with a bot that somehow is not registered in the Microsoft-internal bot framework tenant. I cannot say how we ended up in this state but there is a troubleshooting site that we can use to verify our failed state. The result of this simple call looks like this:
For googleability:
AADSTS700016: Application with identifier '68dafaa0-5755-4433-8f47-3e174c5ed131' was not found in the directory 'Bot Framework'. This can happen if the application has not been installed by the administrator of the tenant or consented to by any user in the tenant. You may have sent your authentication request to the wrong tenant.
Now the question: how can we add our bot to this "Bot Framework" tenant? And: which of the button clicks in the Dev Center and/or Bot Framework portal do the magic of adding the bot? The troubleshooting article unfortunately gives no advice on how to fix this situation.
We also tried removing the bot via the Bot Framework portal and re-creating it with the same IDs, hoping this would fix the situation. Unfortunately not.
Note: everything else is in place and looks like our other functioning bot. A Teams app containing the bot, the Azure AD app registration with the bot ID, the bot in the bot portal, correct client secret. Everything seems correct except that the bot ID is missing from the Bot Framework tenant.
Upvotes: 5
Views: 4342
Reputation: 1092
I encountered this exact error before, and I found a solution that worked for me. I hope sharing it here will be helpful to someone else.
Go to your Azure portal and navigate to Azure Active Directory.
From there, go to "App registrations" and select your app.
Next, click on the "Authentication" tab.
In the "Supported account types" section, switch between "Single Tenant" and "Multi-tenant" options.
After making the changes, try accessing your bot again. Your bot should now be back online.
Now, navigate back to the "Supported account types" section and select either Single-tenant or Multi-tenant, depending on your preference.
Upvotes: 8
Reputation: 3367
Just ran into the same issue. It looks like you have your bot registered into your tenant (and not the global bot framework). So you can get the access token by changing the URL to the following (replacing with your tenant id):
https://login.microsoftonline.com/YOUR-TENANT-ID/oauth2/v2.0/token
Just tested this and was able to get an access token. Now, whether that token will actually work the same way using the scope is another matter. You may need to change the scope to:
https://graph.microsoft.com/.default
As of now I am getting a token either way.
To generate a bot directly into the global tenant you can go to the following URL and click on "My Bots" and then "Create". Any existing bots you have should also appear here:
Upvotes: 3
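The token request discussed in the answer above, together with a check for the AADSTS700016 response quoted in the question, as an added example that is not part of the original posts. The `botframework.com` authority and the `https://api.botframework.com/.default` scope come from Microsoft's Bot Framework documentation rather than from this page; `token_request` and `diagnose` are hypothetical helper names, and the sample response is constructed.

```python
import json
import re
from urllib.parse import urlencode

LOGIN = "https://login.microsoftonline.com"
# Assumption (not on this page): shared Bot Framework authority and scope.
BOTFRAMEWORK_AUTHORITY = "botframework.com"
BOTFRAMEWORK_SCOPE = "https://api.botframework.com/.default"

_NOT_FOUND = re.compile(
    r"AADSTS700016: Application with identifier '([^']+)' "
    r"was not found in the directory '([^']+)'")


def token_request(authority, client_id, client_secret, scope=BOTFRAMEWORK_SCOPE):
    """Return (url, form_body) for an OAuth2 client-credentials token request.

    authority is either BOTFRAMEWORK_AUTHORITY or your own tenant ID.
    The body contains the client secret, so it must never be logged.
    """
    url = f"{LOGIN}/{authority}/oauth2/v2.0/token"
    body = urlencode({
        "grant_type": "client_credentials",
        "client_id": client_id,
        "client_secret": client_secret,
        "scope": scope,
    })
    return url, body


def diagnose(response_text):
    """Classify the JSON body returned by the token endpoint."""
    data = json.loads(response_text)
    if "access_token" in data:
        return {"ok": True}
    m = _NOT_FOUND.search(data.get("error_description", ""))
    if 700016 in data.get("error_codes", []) and m:
        return {"ok": False, "app_id": m.group(1), "directory": m.group(2),
                "hint": "app registration is not visible in this directory; "
                        "request the token from your own tenant's endpoint or "
                        "check 'Supported account types'"}
    return {"ok": False, "hint": data.get("error", "unknown error")}


# Constructed sample response, built from the error text quoted in the question.
SAMPLE_ERROR = json.dumps({
    "error": "unauthorized_client",
    "error_codes": [700016],
    "error_description": "AADSTS700016: Application with identifier "
    "'68dafaa0-5755-4433-8f47-3e174c5ed131' was not found in the "
    "directory 'Bot Framework'.",
})
```

Send the returned body as `application/x-www-form-urlencoded` with any HTTP client and pass the response text to `diagnose`.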