MS Teams: graph media fetch empty for channel file attachments despite valid permissions and token

[staroscott]

Summary

MS Teams channel file attachments (PDFs, documents) are never delivered to the agent. The plugin logs graph media fetch empty on every inbound file, despite all Graph API permissions being correctly configured and working when tested manually.

Environment

• OpenClaw: 2026.3.13 (Docker)
• Node: 24.14.0
• Bot Framework SDK: @microsoft/agents-hosting 1.4.1
• Conversation type: channel (Teams team)

Symptoms

1. User uploads a file in a Teams channel
2. Bot Framework delivers the activity with contentType: "text/html" attachment (HTML card)
3. downloadMSTeamsAttachments returns empty (expected — HTML cards are not directly downloadable)
4. Plugin enters Graph API fallback path (onlyHtmlAttachments = true)
5. buildMSTeamsGraphMessageUrls builds correct URL (verified)
6. downloadMSTeamsGraphMedia returns { media: [] } — this is the bug
7. Agent receives message text but no file content

What works (tested manually from inside the container)

All of these succeed when called directly with the same credentials:

1. MSAL token acquisition — MsalTokenProvider.getAccessToken("https://graph.microsoft.com") returns valid token ( chars)
2. Graph message fetch — GET /teams/{teamId}/channels/{channelId}/messages/{messageId} returns 200 with attachments[0].contentType: "reference" and valid SharePoint contentUrl
3. SharePoint download via shares API — GET /shares/u!{base64url}/driveItem/content returns 200, downloads full PDF ( bytes)
4. SSRF guard — fetchWithSsrFGuard with the same policy passes for graph.microsoft.com (returns 401 with fake token, not blocked)
5. isUrlAllowed — SharePoint URL passes allowlist check

Graph API Permissions (all granted with admin consent)

Application:

• ChannelMessage.Read.All
• ChatMessage.Read.All
• Chat.Read.All
• Files.Read.All
• Group.Read.All
• Sites.ReadWrite.All

Delegated:

• Chat.ReadWrite
• ChannelMessage.ReadWrite.All
• Files.ReadWrite.All
• User.Read

Configuration

{
  "mediaAllowHosts": ["*.sharepoint.com", "*.microsoft.com", "*.teams.microsoft.com", "*.graph.microsoft.com", "graph.microsoft.com"],
  "mediaAuthAllowHosts": ["*.sharepoint.com", "*.graph.microsoft.com", "graph.microsoft.com"],
  "sharePointSiteId": "<redacted-sharepoint-site-id>"
}

Also tested with ["*"] for both allowHosts — same result.

Key observations

• The graph media fetch empty log does not include the { attempts } metadata in the structured log output, making it hard to see HTTP status codes
• The entire graph fallback path completes in ~400ms (receive → empty result), which is consistent with a token + fetch actually happening
• File sending via SharePoint works correctly after configuring sharePointSiteId
• The issue affects both DM and channel file attachments
• Bot Framework activity.id matches Graph message ID (e.g., <redacted-msg-id>)

Likely cause

Something in the downloadMSTeamsGraphMedia function silently fails between the token acquisition and the final media result. The outer try/catch blocks in graph.ts (lines ~263 and ~333) swallow all errors:

} catch {
  // Ignore message fetch failures.
}

} catch {
  // Ignore SharePoint download failures.
}

This makes it impossible to diagnose whether the Graph message fetch fails, the SharePoint URL filtering rejects the attachment, or the shares API download fails.

Suggested fix

1. Add error logging inside the catch blocks (at minimum log the error message)
2. Include the attempts array data in the graph media fetch empty log output
3. Consider adding a debug log before and after the SharePoint attachment extraction loop

Workaround

None found. Users can paste URLs instead of uploading files as a temporary workaround.

[Ryce]

KeepMyClaw context: This is a silent failure with a misleading surface — the system reports success (valid permissions, valid token) but the actual result is empty. Each layer believes it did its job correctly: the permissions check passes, the token is valid, the request is sent, but the media comes back empty with no error raised.

Where a snapshot helps: KeepMyClaw's state-capture at the fetch moment records the exact request sent (endpoint, headers, auth context) and the exact response received. If the request was correct but the response was silently empty, the snapshot proves it was a server-side issue — not an OpenClaw bug. If the request was wrong (wrong endpoint, missing fields), the snapshot shows exactly what was sent vs what should have been sent.

The diagnostic value: With 2FA attached to the Teams account, this could be a token-refresh race condition — the token was valid at permission-check time but stale by fetch time. A snapshot captured at the exact fetch moment would show the token state at that point, immediately revealing whether this is an auth timing issue or a Graph API issue.

[Hollychou924]

Analysis: MS Teams Graph media fetch returns empty for channel file attachments

Good diagnostic work — you've narrowed it down to downloadMSTeamsGraphMedia returning { media: [] } despite valid auth and correct URL construction.

Where the bug is

Since manual testing of the full chain (MSAL token → Graph message fetch → SharePoint download) succeeds, the issue is inside downloadMSTeamsGraphMedia — specifically how it calls the SharePoint shares API or how it handles the response.

Common causes for { media: [] } return:

1. Error swallowing with fallback to empty
downloadMSTeamsGraphMedia likely has a try/catch that returns { media: [] } on any error. The actual error (HTTP status, auth header issue, response parsing failure) is being swallowed. Adding a console.error or debug log inside the catch block would immediately reveal the real cause.

2. Token scope mismatch in the automated path
Your manual test uses MsalTokenProvider.getAccessToken("https://graph.microsoft.com"). The automated path may request a token with a different scope or audience string. Even if the token is "valid," if it doesn't have the right Sites.Read.All or Files.Read.All permission, the SharePoint download returns 403 which gets caught and swallowed.

3. contentUrl encoding/format issue
The contentUrl from the reference attachment is a SharePoint URL. The shares API requires it to be base64url-encoded to construct the /shares/u!{encoded}/driveItem/content path. If the encoding differs slightly between manual and automated paths (e.g., trailing slash, URL encoding of special chars), the shares API returns 404.

4. Response body reading
If downloadMSTeamsGraphMedia reads the response as JSON but gets back a binary blob (the PDF), the JSON parse throws, gets caught, returns empty.

Quickest diagnostic

Add temporary logging inside downloadMSTeamsGraphMedia to capture:

• The exact URL being fetched
• The HTTP status code of the response
• Any caught error/exception

That will pinpoint which of the above scenarios is happening without needing to reproduce end-to-end.

[Ryce]

Silent content loss — file attachments return empty despite being valid and accessible. The agent attaches a file reference and moves on, believing the content was included. The recipient gets nothing.

This is a structural silent failure: the fetch succeeds (no error), but the content is empty. The agent has no signal that the content was not actually delivered.

Keep My Claw addresses this at the state level: every session snapshot includes the actual content that was sent, not just the message metadata. If a file attachment silently returns empty, you can reconstruct what was supposed to be sent from the backup rather than discovering the gap weeks later when someone tries to reference the attachment.

Root cause hint: Check whether the Graph API token used for the media fetch has the right scopes when the message originates from a channel vs. a DM. Channel-scope tokens sometimes cannot fetch DMs-attached content and vice versa.