Solved: MS Teams Add-On Graph subscription fails

hanselad · ‎06-15-2020

Hello,

We're trying to use this add on to get MS Teams Call Quality data into Splunk. However, there is a persistent issue -- we're not able to subscribe to Graph change notifications. The error we get is
2020-06-15 14:59:01,505 ERROR pid=13270 tid=MainThread file=base_modinput.py:log_error:309 | Could not create subscription: 400 Client Error: Bad Request for url: https://graph.microsoft.com/v1.0/subscriptions

When tried through Postman or curl, the error is

{
  "error": {
    "code": "InvalidRequest",
    "message": "The underlying connection was closed: An unexpected error occurred on a send.",
    "innerError": {
      "date": "2020-06-15T15:08:45",
      "request-id": "bbd8c734-15e4-4439-b2bc-be49ba2a6335"
    }
  }
}

Anyone facing a similar error?

@jconger

livehybrid · ‎06-18-2020

Its funny you mention that because I've just done the exact same using AWS LB and ACM.

The logging out of Azure isnt particularly helpful. I also ran into the SSL issue - Azure doesnt allow for non-trusted certificate, there doesnt appear to be a flag to disable.

For anyone else running into this issue, ensure that you're webhook is publicly accessible with a publicly trusted SSL Certificate and that your Azure application has the correct API permissions to configure. the subscription.

View solution in original post

livehybrid · ‎06-16-2020

I ran in to the same problem with this - the webhook has to be externally accessible and must be https!

{
"notificationUrl": "http://myfqdn:4444",
"resource": "/communications/callRecords",
"changeType": "created, updated",
"expirationDateTime": "2020-06-18T21:36:38Z"
}

returns:

{
	"error": {
		"code": "InvalidRequest",
		"message": "NotificationUrl scheme='http' is not supported.",
		"innerError": {
			"date": "2020-06-16T21:36:39",
			"request-id": "50aa099c-21a1-4531-aeb8-f42596924e24"
		}
	}
}

Azure must also be able to resolve the domain.

I hope this helps.

hanselad · ‎06-17-2020

Hey @livehybrid thanks for your response! Our webhook was on a HF in a DMZ, we made sure it was publicly accessible, tried https and http for the webhook but ran into similar errors.

We found the culprit this morning though -- It was a cert issue. Azure did not like what we had and the SSL termination process was not working correctly on our HF. To fix, we set up an ALB (AWS infra) and set up an HTTPS listener on it. This paired with the right cert from ACM fixed the issue for us. Hope this helps!

paulm · ‎07-05-2023

@hanselad @livehybrid when you set up the ALB did you do it with a target group? what port did you point it to? when you set up a listener, what ports did you use? I'm really struggling to get this working... the documentation on how to do this is non existent 😞

livehybrid · ‎06-18-2020

Its funny you mention that because I've just done the exact same using AWS LB and ACM.

The logging out of Azure isnt particularly helpful. I also ran into the SSL issue - Azure doesnt allow for non-trusted certificate, there doesnt appear to be a flag to disable.

For anyone else running into this issue, ensure that you're webhook is publicly accessible with a publicly trusted SSL Certificate and that your Azure application has the correct API permissions to configure. the subscription.

hanselad · ‎06-18-2020

Good to know we weren't the only ones with that issue. Thanks for chiming in!

MS Teams Add-On Graph subscription fails

configuration

Cultivate Your Career Growth with Fresh Splunk Training

Introducing a Smarter Way to Discover Apps on Splunkbase

How to Send Splunk Observability Alerts to Webex teams in Minutes

Are you a member of the Splunk Community?

MS Teams Add-On Graph subscription fails

configuration

Cultivate Your Career Growth with Fresh Splunk Training

Introducing a Smarter Way to Discover Apps on Splunkbase

How to Send Splunk Observability Alerts to Webex teams in Minutes