Throw error when Inherited permission for Graph are skipped. #215
Description
Describe the bug
Graph permission like the following screenshot are required because agent exchanges token to get token for mcp and bot registration. If these permissions are skipped, the chat on Teams does not even work giving a false impression that agents are not listening.
Logs shows this error:
Failed to acquire agentic user token for agent_app_instance_id bb3100e6-cf61-4690-98dd-877b9858e3a9 and agentic_user_id c371e1e6-af5a-4a06-ac26-4f992eaa499d, {'error': 'invalid_grant', 'error_description': "AADSTS65001: The user or administrator has not consented to use the application with ID 'bb3100e6-cf61-4690-98dd-877b9858e3a9' named 'MkDevAgentUser'. Send an interactive authorization request for this user and resource. Trace ID: b491dd5d-4975-4bd3-9c29-e5cd7ef59200 Correlation ID: b75d4cef-dbd1-4057-ba7d-b8c79662897d Timestamp: 2026-02-02 19:35:45Z", 'error_codes': [65001], 'timestamp': '2026-02-02 19:35:45Z', 'trace_id': 'b491dd5d-4975-4bd3-9c29-e5cd7ef59200', 'correlation_id': 'b75d4cef-dbd1-4057-ba7d-b8c79662897d', 'suberror': 'consent_required', 'classification': 'consent_required'}
The setup continues, but considering the amount of logs that we emit, it's an easy miss.
Status shows Inheritable permissions configured(does not say which inheritable permissions were set - bot, mcp, etc)
Graph permissions being one of the important and cannot be ignored with the way runtime works for these agents. We should throw error to make sure we don't miss these permissions.
To Reproduce
Steps to reproduce the behavior:
Hard to repro, but you can try to repro the behavior by skipping graph consent.
Expected behavior
Should throw error if graph permissions are not set.
Screenshots
If applicable, add screenshots to help explain your problem.
Environment (please complete the following information):
- OS: [e.g. Windows] Windows
- SDK Version [e.g. 1.0] Agent 365 Cli v1.1.59-preview+d1f9f43ffa(latest from week 4 of January)
Additional context
Add any other context about the problem here.