Share via

Unable to Post HTML Message to Teams Channel Using Token from OAuth2 v2.0 Endpoint.

Lakkireddygari Sai Ram 0 Reputation points
2025-11-27T06:12:10.91+00:00

I am able to successfully send an HTML message to a Microsoft Teams channel when using the access token generated by Graph Explorer. However, when I request an access token from the following endpoint:

https://login.microsoftonline.com/{teneant_id}/oauth2/v2.0/token

and use that token to call the Microsoft Graph API to post a message to a Teams channel, the request fails.

Microsoft Teams | Development
Microsoft Teams | Development
Building, integrating, or customizing apps and workflows within Microsoft Teams using developer tools and APIs
0 comments

2 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Q&A Assist
    2025-11-27T06:12:20.4466667+00:00
    AI generated content. This question contains an answer created with AI from Q&A Assist. Learn more

    When using an access token obtained from the OAuth2 v2.0 endpoint to post a message to a Microsoft Teams channel, ensure that the token has the necessary permissions (scopes) to perform that action. If the request fails, it could be due to missing permissions or incorrect token usage.

    Here are some steps to troubleshoot the issue:

    1. Check Scopes: Make sure that the access token includes the required scopes for posting messages in Teams. For example, you might need Chat.ReadWrite or ChannelMessage.Send depending on your use case.
    2. Token Expiry: Ensure that the token has not expired. Access tokens typically have a limited lifespan (usually 60 minutes).
    3. Correct Endpoint: Verify that you are using the correct API endpoint for posting messages to Teams. The endpoint should be something like POST https://graph.microsoft.com/v1.0/teams/{team-id}/channels/{channel-id}/messages.
    4. Content Type: Ensure that you are setting the correct Content-Type in your request headers, typically application/json.
    5. Message Format: If you are sending an HTML message, ensure that the body of the message is properly formatted according to the Microsoft Graph API requirements.
    6. Error Handling: Implement error handling to capture any specific error messages returned by the API, which can provide insights into what might be going wrong.

    If you continue to face issues, consider testing with the token generated by Graph Explorer to compare the differences in scopes and payloads used in both cases.

    0 comments
  2. Kudos-Ng 10,625 Reputation points Microsoft External Staff Moderator
    2025-11-27T07:25:08.3833333+00:00

    Hi Lakkireddygari Sai Ram,

    Thank you for posting your question in the Microsoft Q&A forum. 

    From your description, you are using the endpoint documented here to post a message to a Teams channel: https://learn.microsoft.com/en-us/graph/api/chatmessage-post?view=graph-rest-1.0&tabs=http#permissions.

    I understand that when you test with Graph Explorer, the token successfully posts the message, but when you request an access token yourself via: https://login.microsoftonline.com/{tenant_id}/oauth2/v2.0/token, the message post fails.

    Based on the documentation and common patterns, here are the key insights:

    1) Two types of access tokens and why they behave differently:

    • Delegated token (user context): Issued when an end user signs in and consents to scopes. The token carries scp (scope) claims and is used for APIs that perform actions on behalf of a user. Graph Explorer typically uses delegated tokens.
    • Application token (app-only): Issued via client credentials, without user interaction. The token carries roles (application permissions) and is used for service-to-service scenarios without a user. This model is intended for specific workloads (e.g., migration/import), not for sending runtime user messages.

    2) Permissions for the chat message endpoint:

    The chat message POST endpoint does not expose an application permission that allows sending messages during normal operation. The only application permission in this area is for migration/import scenarios (e.g., Teamwork.Migrate.All). Consequently, if your flow acquires an application (app-only) token, it will not be able to send messages to a channel in real time.
    User's image

    To post a message to a Teams channel at runtime, you should acquire a delegated token via the Authorization Code flow (or On-Behalf-Of if applicable). Microsoft’s step-by-step guide is here:
    https://learn.microsoft.com/en-us/entra/identity-platform/v2-oauth2-auth-code-flow.

    Hope this helps. If you have any further questions, please feel free to share.

    If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".

    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.