The error message you're seeing is likely due to the fact that your app is not multi-tenant. When you register an app in Azure AD, it is, by default, single-tenant, meaning it can only authenticate users in the tenant it was registered in. If you want to authenticate users from other tenants, you need to make your app multi-tenant. After making your app multi-tenant, users from other tenants should be able to authenticate with your app.
However, when you use SSO, Teams provides a token that your app can use to call Microsoft Graph and fetch the user's email address. This token is scoped to the user's profile information and email, and it can only be used to call Microsoft Graph. If you need to call other APIs or fetch other information, you'll need to implement a consent flow to get the necessary permissions from the user. In your case, you're trying to fetch the user's Teams ID, conversation ID, and tenant ID. These are not available through Microsoft Graph, so you'll need to fetch them from the context of your app. The Teams ID and tenant ID are available in the team
object in the context, and the conversation ID is available in the channel
object.
const teamId = context.activity.channelData.team.id;
const tenantId = context.activity.channelData.tenant.id;
const conversationId = context.activity.conversation.id;
Remember, these values are only available in team or channel context. If your app is installed in a personal scope, you won't be able to fetch the team ID or tenant ID.
Thanks,
Prasad Das
*************************************************************************
If the response is helpful, please click "Accept Answer" and upvote it. You can share your feedback via Microsoft Teams Developer Feedback link.