Solved: MS Teams Add-On Graph subscription fails

hanselad · ‎06-15-2020

Hello,

We're trying to use this add on to get MS Teams Call Quality data into Splunk. However, there is a persistent issue -- we're not able to subscribe to Graph change notifications. The error we get is
2020-06-15 14:59:01,505 ERROR pid=13270 tid=MainThread file=base_modinput.py:log_error:309 | Could not create subscription: 400 Client Error: Bad Request for url: https://graph.microsoft.com/v1.0/subscriptions

When tried through Postman or curl, the error is

{
  "error": {
    "code": "InvalidRequest",
    "message": "The underlying connection was closed: An unexpected error occurred on a send.",
    "innerError": {
      "date": "2020-06-15T15:08:45",
      "request-id": "bbd8c734-15e4-4439-b2bc-be49ba2a6335"
    }
  }
}

Anyone facing a similar error?

@jconger

livehybrid · ‎06-18-2020

Its funny you mention that because I've just done the exact same using AWS LB and ACM.

The logging out of Azure isnt particularly helpful. I also ran into the SSL issue - Azure doesnt allow for non-trusted certificate, there doesnt appear to be a flag to disable.

For anyone else running into this issue, ensure that you're webhook is publicly accessible with a publicly trusted SSL Certificate and that your Azure application has the correct API permissions to configure. the subscription.

View solution in original post

livehybrid · ‎06-16-2020

I ran in to the same problem with this - the webhook has to be externally accessible and must be https!

{
"notificationUrl": "http://myfqdn:4444",
"resource": "/communications/callRecords",
"changeType": "created, updated",
"expirationDateTime": "2020-06-18T21:36:38Z"
}

returns:

{
	"error": {
		"code": "InvalidRequest",
		"message": "NotificationUrl scheme='http' is not supported.",
		"innerError": {
			"date": "2020-06-16T21:36:39",
			"request-id": "50aa099c-21a1-4531-aeb8-f42596924e24"
		}
	}
}

Azure must also be able to resolve the domain.

I hope this helps.

hanselad · ‎06-17-2020

Hey @livehybrid thanks for your response! Our webhook was on a HF in a DMZ, we made sure it was publicly accessible, tried https and http for the webhook but ran into similar errors.

We found the culprit this morning though -- It was a cert issue. Azure did not like what we had and the SSL termination process was not working correctly on our HF. To fix, we set up an ALB (AWS infra) and set up an HTTPS listener on it. This paired with the right cert from ACM fixed the issue for us. Hope this helps!

livehybrid · ‎06-18-2020

Its funny you mention that because I've just done the exact same using AWS LB and ACM.

The logging out of Azure isnt particularly helpful. I also ran into the SSL issue - Azure doesnt allow for non-trusted certificate, there doesnt appear to be a flag to disable.

For anyone else running into this issue, ensure that you're webhook is publicly accessible with a publicly trusted SSL Certificate and that your Azure application has the correct API permissions to configure. the subscription.

hanselad · ‎06-18-2020

Good to know we weren't the only ones with that issue. Thanks for chiming in!

MS Teams Add-On Graph subscription fails

configuration

Dashboard Studio Challenge - Learn New Tricks, Showcase Your Skills, and Win Prizes!

Introducing Edge Processor: Next Gen Data Transformation

Take the 2021 Splunk Career Survey for $50 in Amazon Cash