What permissions are required by an Azure app to call a Teams powershell command?

David - 10 Reputation points
2023-03-16T12:51:09.3+00:00

I want to connect powershell to a Teams tenant using Application-based Access Tokens and then execute the Get-CsCallQueue cmdlet. I can connect successfully with my AppID but I get permission denied when I execute the cmdlet. Does anyone know what Azure AD permissions I need to give to the app in order for the cmdlet to run? If I connect powershell to the Teams tenant with my Azure user, I can execute the cmdlet successfully.

Microsoft Teams Development
Microsoft Teams Development
Microsoft Teams: A Microsoft customizable chat-based workspace.Development: The process of researching, productizing, and refining new or existing technologies.
2,843 questions
Windows Server PowerShell
Windows Server PowerShell
Windows Server: A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.PowerShell: A family of Microsoft task automation and configuration management frameworks consisting of a command-line shell and associated scripting language.
5,362 questions
Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
19,455 questions

2 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. James Hamil 21,621 Reputation points Microsoft Employee
    2023-03-17T05:26:35.95+00:00

    Hi @David - , to execute the Get-CsCallQueue cmdlet, you need to have the Teams.ManageCalls and Teams.ManageChats permissions in Azure Active Directory. You can add these permissions to your app by following these steps:

    1. Go to the Azure Active Directory app in the Azure portal.
    2. Select API permissions.
    3. Select Add Permissions.
    4. In the Add Permissions menu, select Azure Communication Services.
    5. Select the permissions Teams.ManageCalls and Teams.ManageChats, then select Add permissions.

    Please let me know if you have any questions. If this doesn't work please let me know and post a screenshot of your current permissions.

    If this answer helped you please mark it as "Verified" so other users can reference it.

    Thank you,

    James

  2. Alexandre Blanchette 26 Reputation points
    2023-05-08T14:49:42.5566667+00:00

    I had the same issue. The Teams.ManageCalls and Teams.ManageChats don't help in this situation. You have to assign the Teams Communications Administrator role:

    Log in to portal.azure.com, > Azure AD > Roles and administrators > search for 'Teams' in the role list > Select Teams Communications Administrator (Teams Administrator would work too).

    Got the solution on this site: https://www.myteamslab.com/2022/12/teams-powershell-module-certificate.html

    0 comments