Forbidden: Access denied by Frontier access control when creating/deleting blueprint messaging endpoint (create + cleanup both fail)

[normalian]

When running Agent 365 CLI endpoint registration for a blueprint, the command consistently fails with:
Forbidden: Access denied by Frontier access control
This happens for both create and delete operations:

a365 setup blueprint --endpoint-only fails when calling create endpoint.
a365 cleanup blueprint --endpoint-only fails when attempting to delete the messaging endpoint registration.

All authentication steps succeed (interactive auth via Windows Account Manager; token acquired and cached), but the Agent 365 Tools endpoint management API returns 403 Forbidden.
This appears to be a Frontier access gate/enablement problem rather than an Entra/Graph permissions issue, because the CLI is able to authenticate and acquire tokens, and the error is consistently “Frontier access control.”

To Reproduce

1. Configure and create a blueprint successfully (a365 setup blueprint works for blueprint creation/permissions).

2. Attempt to register messaging endpoint:
   cd C:\opt\workspace\Agent365-Samples.git\dotnet\agent-framework\sample-agenta365 setup blueprint --endpoint-onlyShow more lines

3. Attempt cleanup endpoint-only:
   a365 cleanup blueprint --endpoint-onlyShow more lines

Result: both commands fail with 403 Forbidden / Frontier access control.

Expected behavior

Endpoint registration and deletion should succeed, allowing setup to complete end-to-end.

Actual behavior

Create endpoint fails:

• Failed to call create endpoint. Status: Forbidden
• Error response: Forbidden: Access denied by Frontier access control

Delete endpoint also fails:

• delete endpoint Forbidden
• Failed to delete messaging endpoint registration

Environment

OS: Windows (PowerShell)
Agent 365 CLI: (please fill exact version; can provide if needed)
Tenant ID: b7501d50-50bf-4080-bfaa-912394380b1a
Azure region used: japaneast
Blueprint ID: 04f0d5bc-91e3-40d9-a09d-6a4adb2da2be
Endpoint name: daisamiagent0302-webapp-endpoint
Messaging endpoint URL: https://daisamiagent0302-webapp.azurewebsites.net/api/messages
Recent correlation IDs:

Setup endpoint attempt: 9a9e12d4-4467-4c85-a6e3-99d0f03ac5d6
Cleanup attempt includes interactive auth + token cached, then Forbidden

Troubleshooting already tried

Confirmed tenant shows Agent 365 UI in Microsoft 365 admin center (Agents > Overview is visible).
Confirmed Copilot trial license assignment and Frontier access configuration was adjusted (toggle/refresh).
Deleted local token cache and forced re-authentication:
Removed cached token file(s) under:
C:\Users\daisami\AppData\Local\Microsoft.Agents.A365.DevTools.Cli\auth-token.json
Re-ran commands and re-authenticated interactively.

Re-ran:
a365 setup blueprint --endpoint-only
a365 cleanup blueprint --endpoint-only

No change — both create and delete remain blocked by Frontier access control.

Notes / hypothesis
Because:

Authentication succeeds and tokens are acquired/cached, and
the failure is specifically “Access denied by Frontier access control”, and
this blocks both create and delete endpoint operations,

this seems like a tenant-side Frontier enablement/flag/gating issue for the Agent 365 Tools endpoint management API rather than a misconfiguration of Graph/permissions/client app. Agent 365 is documented as requiring Frontier preview access. [Cloud & AI...nouncement | Outlook], [Agent 365_...omer pitch | PowerPoint], [learn.microsoft.com]
Could you please check whether this tenant is missing a specific enablement/flag for endpoint registration APIs, even though the UI surface is available?

[github-actions]

[AUTO-TRIAGE] Team Assistant Triage

This issue has been automatically analyzed and triaged.

AI Decision Reasoning: Type: Classified as 'bug' because the issue describes a failure in expected functionality (endpoint creation and deletion) due to an error (403 Forbidden) that appears to be related to Frontier access control.
Priority: Assigned P2 because the issue blocks critical functionality for users (endpoint registration and cleanup), but it does not appear to affect all users universally and may be tenant-specific.
Copilot: This issue involves debugging and resolving a complex authentication and access control problem, which requires a deep understanding of the Frontier access control system and potentially external API behavior. Copilot is not suited for issues requiring runtime analysis or coordination across multiple systems.
Assignment: Grant Harris is the most suitable engineer for this issue due to his expertise in backend development, CLI tools, dotnet, and Azure, which are all relevant to the problem described. Additionally, he has a lower contribution count compared to the tech lead, making him less busy and available to address this P2 issue.
Labels: Applied labels bug, P2 based on issue type and priority

Labels and assignee have been applied based on this analysis.

[github-actions]

[AUTO-TRIAGE] Results

Classification: bug
Priority: P2
Confidence: 95.0%

Recommended Assignee: @gwharris7

Analysis:
type rationale: Classified as 'bug' because the issue describes a failure in expected functionality (endpoint creation and deletion) due to an error (403 Forbidden) that appears to be related to Frontier access control.

priority rationale: Assigned P2 because the issue blocks critical functionality for users (endpoint registration and cleanup), but it does not appear to affect all users universally and may be tenant-specific.

copilot rationale: This issue involves debugging and resolving a complex authentication and access control problem, which requires a deep understanding of the Frontier access control system and potentially external API behavior. Copilot is not suited for issues requiring runtime analysis or coordination across multiple systems.

assignment rationale: Grant Harris is the most suitable engineer for this issue due to his expertise in backend development, CLI tools, dotnet, and Azure, which are all relevant to the problem described. Additionally, he has a lower contribution count compared to the tech lead, making him less busy and available to address this P2 issue.

labels rationale: Applied labels bug, P2 based on issue type and priority

[SUGGESTION] Suggested Approach

1. Investigate the authentication and authorization logic in the endpoint management API calls. Specifically, check the implementation of the create and delete endpoint operations in the CLI codebase under src/Microsoft.Agents.A365.DevTools.Cli/Commands/BlueprintCommands.cs or similar files where these commands are implemented. Ensure that the correct permissions and tokens are being passed in the API requests.
2. Verify the Frontier access control configuration for the tenant and region specified in the issue. This may require checking the Azure portal or Frontier-specific access policies to ensure that the required permissions are granted for the authenticated user or service principal to manage messaging endpoints.
3. Add detailed logging to the create and delete endpoint operations to capture the full request and response details (excluding sensitive information). This will help identify if there are missing headers, incorrect tokens, or other issues in the API call. Update the logging configuration in src/Microsoft.Agents.A365.DevTools.Cli/Services/LoggingService.cs or equivalent logging utility.
4. Review the token acquisition and caching logic in the CLI. Ensure that the token being used for the endpoint management API calls includes the necessary scopes for Frontier access control. Check the authentication flow in src/Microsoft.Agents.A365.DevTools.Cli/Services/AuthenticationService.cs or equivalent files to confirm that the token includes all required claims.
5. Create a unit test or integration test to simulate the create and delete endpoint operations with mocked Frontier access control responses. Place these tests in src/Tests/Microsoft.Agents.A365.DevTools.Cli.Tests/Services or a similar test directory. This will help validate the CLI's behavior when encountering 403 errors and ensure proper error handling and retries.

---

Generated by TeamAssistant Auto-Triage powered by GitHub Models