Problem with botframwork conection with teams

Question

Hello,

I am creating a Microsoft Teams bot that connects to n8n to process user messages and send back a response. The message is successfully sent from Teams, and the payload is correctly received in n8n.

However, when I try to send the message back using the Bot Framework API with the following URL:

https://smba.trafficmanager.net/amer/v3/conversations/<conversationId>/activities or https://smba.trafficmanager.net/amer/<tenant_id>/v3/conversations/<conversationId>/activities, I always receive the response "Authorization has been denied for this request". I include in the header an Bearer <access_token> that I generate beforehand.

For generating the access_token I'm using:
https://login.microsoftonline.com/botframework.com/oauth2/v2.0/token

sending the parameters in the body: client_id, client_secret, grant_type: client_credentials, scope: https://api.botframework.com/.default

How can I make it work to send messages back to Teams?

Answer 1

Hi @JonhQuintero,

Welcome to Microsoft Q&A, and thank you very much for reaching out.

From your description, it appears you are using the Bot Framework REST API for sending and receiving messages. While your bot successfully receives messages, it fails to send responses and returns an HTTP 401 Unauthorized error. Please correct me if I’m mistaken.

Please note that as a Microsoft Q&A moderator, I do not have access to your tenant configuration. However, I’ll assist you using publicly available Microsoft documentation and resources.

To help you further, could you confirm whether your App Registration is configured as Supported account types: Multi-tenant or Single-tenant? From my research, Microsoft stopped allowing the creation of new multi-tenant bots after July 31, 2025. Existing multi-tenant bots continue to function, but there have been multiple reports of 401 errors associated with multi-tenant configurations.

If you’re on multi‑tenant, you can consider creating a new Single‑tenant app to avoid future issues. Once you do:

• Update your configuration files with the new App ID and client secret.
• Add the Tenant ID property so single‑tenant authentication works correctly.
• Follow this Microsoft official document for bot‑to‑connector authentication (Single-tenant).

Additionally, after you retrieve the token, please verify the JWT claims by pasting the token into https://jwt.ms. Kindly confirm that:

• aud = https://api.botframework.com
• tid matches your Tenant ID

This link will take you to jwt.ms, which is outside Microsoft’s domain. Please note that Microsoft is not responsible for the accuracy, security, or advertising on external sites.

This quick check helps ensure you’re authorizing against the correct audience and tenant before calling the Bot Connector endpoint.

I hope this helps. Looking forward to hearing back from you.

---

If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".     

Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

Answer 2

Hi,

The app is registered as a single tenant, as I created it on the October 24th 2025. I checked the token with the jwt.ms and the aud matches with https://api.botframework.com but the tid doesn't correspond to my tenant id, mine starts with <removed for PII>... but the one I recieve starts with "tid": "<removed for PII>....

How can I fix that?

Just to confirm I'm sending this curl to get the token_access

curl -X POST https://login.microsoftonline.com/botframework.com/oauth2/v2.0/token \

-H "Content-Type: application/x-www-form-urlencoded" \

-d "client_id=<app client ID from the azure app registration>" \

-d "client_secret=<value from the client secret>" \

-d "grant_type=client_credentials" \

-d "scope=https://api.botframework.com/.default"