@evenevan
Last active September 6, 2024 06:23
Export Microsoft Teams chats with a work or school account
@evenevan
Author

Wow, thanks for getting back to me so fast on this! The good news is that with your changes, I was able to sign in, but sadly I get another set of errors now :(

Line |
  65 |  $me = Invoke-RestMethod -Method Get -Uri "https://graph.microsoft.com …
     |        ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     | {"error":{"code":"Authorization_RequestDenied","message":"Insufficient privileges to complete the
     | operation.","innerError":{"date":"2023-07-19T04:29:07","request-id":"e26a1c8c-41e9-4842-9d3c-d892d17502cd","client-request-id":"e26a1c8c-41e9-4842-9d3c-d892d17502cd"}}}
Getting all chats, please wait... This may take some time.
Invoke-RestMethod: {"error":{"code":"Forbidden","message":"Missing scope permissions on the request. API requires one of 'Chat.ReadBasic, Chat.Read, Chat.ReadWrite'. Scopes on the request 'openid, profile, email'","innerError":{"date":"2023-07-19T04:29:09","request-id":"6dba41d2-965a-48fc-94a1-2b4bf75bcec9","client-request-id":"6dba41d2-965a-48fc-94a1-2b4bf75bcec9"}}}

No worries!

It's unfortunate that didn't work, but Microsoft certainly didn't help with the vagueness of OpenID scope type's granted permissions. However, I have one more thing that you can try.

There is another OAuth scope type that you could try. Please note that I have not been able to test this one myself, as my organization locked down using third-party Azure Active Directory apps. First, download my code again (sorry!) as I have removed a seemingly unnecessary scope for this alternate method. Then, with a PowerShell 7 terminal in the directory with my code, run .\Get-MicrosoftTeamsChat.ps1 -clientId f498b5fc-4099-4a24-b14d-2bf4565d041a -tenantId DOMAIN, where DOMAIN is replaced with the part after the @ in your school/work email, such as contoso.com. In the authentication step, the app should be named "Teams Chat Export." If all goes well, you'll be able to sign in and the script will run.

If that doesn't work, then I'm just about out of ideas. In this case, it would be helpful to know which permission(s) your org locked down. With Microsoft's Graph Explorer, try signing in with your work/school account by clicking on the person near the top right. If you can sign in (I couldn't for my other org account), click on your profile picture at the top right and then click Consent to permissions. In the search box that appears, for each of Chat.Read, User.Read, and offline_access, enter it into the search field and note if it says yes or no under the Admin consent required column. You may need to expand a category to find the permission. For reference, all three don't require admin consent for me.

Please let me know how this goes if you decide to try ( ノ ^ー^)ノ

@count1234hall

count1234hall commented Jul 20, 2023

Thanks again for giving it a shot!

Unfortunately, I got a new error, similar to the first:

Need admin approval
unverified
This app may be risky. If you trust this app, please ask your admin to grant you access. Learn more
Have an admin account? Sign in with that account
Return to the application without granting consent

I'll go through the Graph Explorer and report back on that part.

By the way, the app name is as you described, "Teams Chat Export"

@count1234hall

count1234hall commented Jul 20, 2023

Here's what I see from Microsoft's Graph Explorer

Permission	Admin consent required	Status
Chat.Read	No	Consent
User.Read	No	Unconsent
offline_access	No	Consent

and some more items:

Chat.ReadBasic	No	Consent
Chat.ReadWrite	No	Consent

I'll try hitting Consent on the aforementioned permissions and see if there's an improvement.

Also, thanks for the instructions on how to log in so I can view these!

Update:
I'm not sure if this is from spamming Consent, but I am getting some success with queries like
https://graph.microsoft.com/v1.0/me/joinedTeams which actually does return valid information.
Unfortunately, I'm getting errors similar to earlier when trying to get messages:

"error": { "code": "Forbidden", "message": "Missing scope permissions on the request. API requires one of 'ChannelMessage.Read.All, Group.Read.All, Group.ReadWrite.All'. Scopes on the request 'Channel.ReadBasic.All, ChannelMessage.Edit, Chat.Create, Chat.Read, Chat.ReadBasic, Chat.ReadWrite, openid, profile, Team.Create, Team.ReadBasic.All, User.Read, User.ReadBasic.All, User.ReadWrite, email, ChannelMessage.Send'"

@evenevan
Author

I really appreciate your involvement with this project - thank you so much :)

Based on the permissions you've shown me, I found that the traditional scope type should be valid, as none require admin permissions, and for some reason, I hadn't thought of trying it out with the PnP Management Shell application. I've given this a quick test, and it seems to work. In theory, using the PnP Management Shell (which appears to be an allowed app for your org) and the traditional scopes (which allow fine-tuned control over the permissions) should get you through every hoop.

I've pushed another change to the project, which removes the OpenID scope type. Downloading the new code and following the normal guide should hopefully work, if you decide to continue to pursue this of course.

Finally, that error in the last message you sent is somewhat interesting, as it says that it is missing a scope. If you hit consent on the Chat.Read permission, that'll probably work.
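
The two 403 responses quoted in this thread fail for different reasons, and the message text is enough to tell them apart. The following PowerShell is an added example, not part of the gist: Get-GraphScopeGap is a hypothetical helper name, and the two sample bodies are constructed from the error messages quoted above, trimmed to the code and message fields.

```powershell
# Added example (not the gist's code). Get-GraphScopeGap is a hypothetical helper.
function Get-GraphScopeGap {
    param([Parameter(Mandatory)][string]$ErrorBody)

    $err = ($ErrorBody | ConvertFrom-Json).error
    $pattern = "requires one of '(?<need>[^']*)'\. Scopes on the request '(?<have>[^']*)'"
    if ($err.message -match $pattern) {
        $need = $Matches['need'] -split ',\s*'
        $have = $Matches['have'] -split ',\s*'
        # OpenID Connect scopes identify the user; they grant no access to Graph data.
        $oidcScopes  = @('openid', 'profile', 'email', 'offline_access')
        $graphScopes = @($have | Where-Object { $_ -notin $oidcScopes })
        $diagnosis = if ($graphScopes.Count -eq 0) {
            'Token carries only OpenID Connect scopes; no Graph permission is in it'
        } else {
            'Token has Graph scopes, but none that this endpoint accepts'
        }
        [pscustomobject]@{
            Code           = $err.code
            AcceptedScopes = $need
            GraphScopes    = $graphScopes
            Diagnosis      = $diagnosis
        }
    } else {
        # e.g. Authorization_RequestDenied, whose message lists no scopes to compare
        [pscustomobject]@{ Code = $err.code; Diagnosis = 'No scope list in message' }
    }
}

# Constructed sample bodies, built from the two messages quoted in this thread.
$first403 = @'
{"error":{"code":"Forbidden","message":"Missing scope permissions on the request. API requires one of 'Chat.ReadBasic, Chat.Read, Chat.ReadWrite'. Scopes on the request 'openid, profile, email'"}}
'@
$second403 = @'
{"error":{"code":"Forbidden","message":"Missing scope permissions on the request. API requires one of 'ChannelMessage.Read.All, Group.Read.All, Group.ReadWrite.All'. Scopes on the request 'Channel.ReadBasic.All, ChannelMessage.Edit, Chat.Create, Chat.Read, Chat.ReadBasic, Chat.ReadWrite, openid, profile, Team.Create, Team.ReadBasic.All, User.Read, User.ReadBasic.All, User.ReadWrite, email, ChannelMessage.Send'"}}
'@

$first403, $second403 |
    ForEach-Object { Get-GraphScopeGap -ErrorBody $_ } |
    Format-List
```

The first body reports a token with no Graph scope at all. The second reports a token that already holds the chat scopes but was sent to an endpoint that accepts only channel-message or group scopes.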

@anlyx

anlyx commented Sep 3, 2023

Hi!
Thanks for your work.
I want to report to you that each chat with square brackets [ ] fails to export:

image

easy to fix, just add after line 156 :
$name = $name -replace '[\[\]]','_'

result:
image

Bye :)

@anlyx

anlyx commented Sep 3, 2023

Is there a way to also embed in the chat all sent and received files ?
right now in the exported html there is just the link to sharepoint.

@evenevan
Author

evenevan commented Sep 3, 2023

Hi! Thanks for your work. I want to report to you that each chat with square brackets [ ] fails to export:

image

easy to fix, just add after line 156 : $name = $name -replace '[\[\]]','_'

result: image

Bye :)

Hey! Thanks for the fix, but I've pushed a slightly different fix for your issue that preserves the square brackets; the issue was an oversight on wildcard paths and just required changing parameters.

Is there a way to also embed in the chat all sent and received files ? right now in the exported html there is just the link to sharepoint.

I've glanced through the process of downloading SharePoint files and I have concluded that for the time being, I don't have the time to try and make it work.

If you're up for it, you could open an issue/pull request and work on an implementation. Otherwise, I may try adding this later on once I get some time. Although far from ideal, another solution is simply having all of the files available separately (you should have a folder named "Microsoft Teams Chat Files" in your org's OneDrive that has your uploaded files, but do note this doesn't include files uploaded by others).
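
The wildcard-path behaviour behind the square-bracket export failure can be reproduced in isolation. This is an added example, not the gist's code: the file name and temporary folder are constructed, and the use of -LiteralPath is an assumption about what "changing parameters" refers to, since the thread does not show the actual change.

```powershell
# Added example, not the gist's code. Folder and file names are constructed.
$dir = Join-Path ([System.IO.Path]::GetTempPath()) ("teams-export-" + [guid]::NewGuid())
New-Item -ItemType Directory -Path $dir | Out-Null

$name = 'Project [Alpha] chat.html'   # chat name containing wildcard characters
$file = Join-Path $dir $name

# -FilePath is subject to wildcard expansion, so [Alpha] is read as a
# character set ("one of A, l, p, h, a") rather than as literal brackets.
try {
    '<html></html>' | Out-File -FilePath $file -ErrorAction Stop
    $viaFilePath = 'written'
} catch {
    $viaFilePath = "failed: $($_.Exception.Message)"
}

# -LiteralPath uses the name exactly as given, so the brackets are preserved
# (assumed here to be the kind of parameter change the author describes).
'<html></html>' | Out-File -LiteralPath $file

[pscustomobject]@{
    OutFileWithFilePath = $viaFilePath
    TestPathWildcard    = Test-Path -Path $file
    TestPathLiteral     = Test-Path -LiteralPath $file
} | Format-List

# Clean up the constructed folder.
Remove-Item -LiteralPath $dir -Recurse
```

Replacing the brackets with underscores, as suggested earlier in the thread, avoids the wildcard parsing but changes the exported file name; a literal path keeps the chat name intact.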
