Teams Tab application permission delegated version of Chat.Read.All permissions

James Naadjie 20 Reputation points

Our team is working on a teams tab application, and are running into a permissions issue. The application to request to


Returns the following error:

{"error":{"code":"Forbidden","message":"Missing role permissions on the request. API requires one of 'ChatMember.Read.WhereInstalled, ChatMember.ReadWrite.WhereInstalled, Chat.ReadBasic.WhereInstalled, Chat.Read.WhereInstalled, Chat.ReadWrite.WhereInstalled, ChatMember.Read.All, Chat.ReadBasic.All, Chat.Read.All, ChatMember.ReadWrite.All, Chat.ReadWrite.All, ChatMember.Read.Chat, Chat.Manage.Chat'
Resource specific consent grants on the request 

Is there an equivalent Chat.Read.All delegated permission we can use, instead of the resource specific, application permission?

Microsoft Graph
Microsoft Graph
A Microsoft programmability model that exposes REST APIs and client libraries to access data on Microsoft 365 services.
9,084 questions
Microsoft Teams Development
Microsoft Teams Development
Microsoft Teams: A Microsoft customizable chat-based workspace.Development: The process of researching, productizing, and refining new or existing technologies.
2,530 questions
0 comments No comments
{count} votes

Accepted answer
  1. HarmeetSingh7172 4,881 Reputation points

    Hello James Naadjie,

    Thanks for reaching out.

    Based on the description, it seems like you are looking for an equivalent delegated permission in MS graph API that can be used for the Chat.Read.All application permission. The Chat.Read.All application permission is only available as an application permission, which requires an application to be configured with admin consent.

    Delegated permissions are used to access resources that the signed-in user has consented to. There are some delegated permissions that can be used with a Teams tab application, such as Chat.Read, Chat.ReadBasic, Chat.ReadWrite. These permissions allow the application to read and write messages in the signed-in user's chat conversations and channels.

    However, in your use-case, API requires role permissions on the request that would either be fulfilled by an application permission or a resource specific permission.

    Refer below links for better understanding:

    Intro to Permissions and Consent:

    Resource Specific Consent:

    Hope this helps.

    If the answer is helpful, please click Accept Answer and kindly upvote. If you have any further questions about this answer, please click Comment.

    1 person found this answer helpful.

0 additional answers

Sort by: Most helpful