While creating Microsoft app ID under the bot service on Azure, encountering message as "Insufficient privileges to perform this operation. Please ask your administrator to allow users to register applications".
I am using free trial subscription of Azure. How to resolve this issue?
You lack permissions to create application registrations in your company's tenant.
This page has information on what this means.
To summarize so you don't have to read that whole page:
In the Azure Portal, go to your Active Directory tenant.
Click on 'Users and Groups'
Select the 'User Settings' blade.
Under 'App Registrations' see if the setting 'Users can register applications' is set to 'Yes' or 'No'.
It is probably set to 'No'
Your company's Active Directory admin will need to change this setting to 'Yes' in order for you to register your bot app under your company's tenant.
The other option is to have you AD admin register to bot for you and provide to AppId and App Password that is generated.
Related
How user can add the app in MS Teams, without Admin approval?
So, my question is what policy needs to be added or removed to get rid of the below message:
I am the admin of the tenant and I want my users to install this app if they wish to do so.
If you're a global admin, you can review, and grant consent to apps that request permissions on behalf of all users in your organization.
To grant org-wide consent to an app, follow the steps which mentioned in following document:
https://learn.microsoft.com/en-us/microsoftteams/app-permissions-admin-center#grant-org-wide-admin-consent-to-an-app
I am trying to understand the API's that #Microsoft provides. Its just so messy. My goal is to use the Exchange API to edit settings.
So, I have an APP, Access tokens and subscriptions.
When trying to login to https://outlook.office365.com/ I get the following error:
Your subscription is no longer active. Please contact your admin to activate your subscription.
X-ClientId: 05A0A74F610C432EA1AD48C77829580B
request-id 3088673c-f523-4e26-824f-1d0f7cb0a219
X-OWA-Error Microsoft.Exchange.Data.Storage.TenantAccessBlockedException
X-OWA-Version 15.20.2451.30
X-FEServer HE1PR05CA0360
X-BEServer HE1P190MB0508
Date:18/11/2019 09:11:34
But as you can see, I have a subscription:
What I understand is that I have to login to outlook.office365.com before using the API.
Update
Ok, so I can now login to https://outlook.office365.com/mail/inbox. It took a while............. But;
1) I can request: https://outlook.office365.com/api/beta/users/********************************/. It will return the specified user.
2) I can NOT https://outlook.office365.com/api/beta/users/********************************/mailfolders. I tells me 'access denied'. While my app has all Exchange, Office365 permissions. But delegate and application permissions.
The "Grant admin consent for your tenant" feature seems to have been updated yesterday.
However, something is wrong with the new "Grant admin consent for your tenant" feature based on my test.
If you use it to grant admin consent, it will probably not take effect on the back end although admin consent has been successfully completed on Azure Portal.
Currently you could grant admin consent through a URL request.
https://login.microsoftonline.com/{your tenant}/oauth2/authorize?client_id={app id of your Azure AD app}&response_type=code&redirect_uri={redirect uri of your Azure AD app}&nonce=1234&resource=https://outlook.office365.com/&prompt=admin_consent
Please note that you need to create a new Azure AD App currently because if you have used admin consent on Azure Portal, granting admin consent through a URL request will not take effect.
I am trying to add user having Hotmail account but team foundation showing following error.
Can anybody please tell me that how can I add another user in VSTS?
No identities found.
Depends on how your account was set up. If it's Microsoft Account based (LiveID/Outlook.com/Hotmail), then you need to navigate to the account level users hub first.
https://{{account}}.visualstudio.com/_admin/_users
If your account is Azure Active Directory backed, then you need to import these users into Azure Active Directory first, then add them at the account level before being able to add them to a security group.
I have a trial Dynamics 365 Portal for Employee Self-Service. I am also seeing this issue in my real Office 365/Dynamics 365 instance.
For my first Admin user I was able to log into the Portal, add them to the Administrator web role, log in again and see the 'Content Editor Tool' floating in the top right corner. All good.
For a second Admin user I do exactly the same thing... but no 'Content Editor Tool' appears. I have tried to match both the first Admin account and the second Admin account exactly the same but nothing happens.
I have also Restarted the Portal from the Admin center and have turned the Portal off and on again.
Is there anyway I can diagnose why this second Admin is not working?
I worked it out. Web Roles and Security Roles are not the same.
Security Roles are set at User level and provide access to Dynamics 365.
Web Roles are set at Contact level and provide access to the Portal.
For the other Portals you just send an Invitation Workflow, and I still had to do this step even though the User had been created already by virtue of logging into the Employee Self Service (ESS) portal. I created the invite for the Contact, saved it, added the Administrator Web Role, and then selected 'Other Activities' (in the ... button) and then 'Invite Redemption'.
In the 'Invite Redemption' dialog, select the Contact again, provide any username, and click the 'Save' button.
This will complete the workflow to add the Web Role. Next time you log in as that user the tool will be visible.
I'm making an application to read and respond to the reviews of google play account for my applications. When I enter my google play account, settings > api access, the following message appears to me: "Only the account owner can configure API access. Please contact him to update the API settings."
Is it possible that the owner of the account that has published the application gives me permissions to generate the token only to read the reviews? Or only the owner can generate a global token to read the reviews?.
Regards!
As you've said, API can only be configured by the owner of Google Play Developer account. As an account owner, you can add users to your Play Console account and manage permissions across all apps or for specific apps. From this page:
Sign in to your Play Console.
Click Settings Settings > User accounts & rights.
To add a new user, select Invite new user and follow the on-screen instructions.
To update permissions for an existing user, hover over their email address and select the pencil icon Pencil icon.
Use the "Role" drop-down to choose a pre-defined role or use the checkboxes for individual permissions.
Choose whether each permission applies to all apps in your developer account ("Global") or specific apps.
To add an app to the permissions table, use the "Add an app" drop-down Drop-down arrow.
To see details for each permission, review the permission definitions
table.
Click Send Invitation.
You can only generate a token once you're added as an owner.
Additional reference:
How to give access to Google Play Developer Console Game services page to other accounts?