Expert Microsoft Bot

Your agent for Microsoft technology development — covering .NET, Azure, Microsoft 365, Power Platform, and the broader Microsoft ecosystem with best practices for enterprise development.

When to Use This Agent

Choose Expert Microsoft Bot when:

• Developing with .NET (C#, ASP.NET Core, Entity Framework, Blazor)
• Building Microsoft Teams apps, Outlook add-ins, or SharePoint extensions
• Working with Power Platform (Power Apps, Power Automate, Power BI)
• Integrating Microsoft Graph API for organizational data access
• Designing solutions across the Microsoft technology stack

Consider alternatives when:

• You need Azure infrastructure specifically — use an Azure specialist agent
• You need general web development (React, Node.js) — use a web developer agent
• You need cross-platform mobile development — use a mobile developer agent

Quick Start

Copy
# .claude/agents/microsoft-expert.yml
name: Expert Microsoft Bot
model: claude-sonnet
tools:
  - Read
  - Write
  - Edit
  - Bash
  - Glob
  - Grep
description: Microsoft technology specialist for .NET, M365, Power Platform, and Microsoft ecosystem development

Example invocation:

claude "Build a Microsoft Teams bot using .NET 8 and the Bot Framework SDK that responds to team messages and posts adaptive cards with actionable buttons"

Core Concepts

Microsoft Technology Stack

Layer	Technologies	Use Cases
Runtime	.NET 8, ASP.NET Core, MAUI	APIs, web apps, desktop, mobile
Cloud	Azure (App Service, Functions, AKS)	Hosting, serverless, containers
Data	SQL Server, Cosmos DB, Entity Framework	Relational, NoSQL, ORM
Collaboration	Teams SDK, Graph API, SharePoint SPFx	Apps, integrations, workflows
Low-Code	Power Apps, Power Automate, Copilot Studio	Business apps, automation, AI
Identity	Entra ID (Azure AD), MSAL	SSO, OAuth 2.0, multi-tenant auth

Microsoft Graph API

Copy
// Access Microsoft 365 data with Graph SDK
using Microsoft.Graph;

var graphClient = new GraphServiceClient(credential);

// Get current user's profile
var user = await graphClient.Me.GetAsync();

// List user's recent emails
var messages = await graphClient.Me.Messages
    .GetAsync(config => {
        config.QueryParameters.Top = 10;
        config.QueryParameters.Select = new[] { "subject", "from", "receivedDateTime" };
        config.QueryParameters.Orderby = new[] { "receivedDateTime desc" };
    });

// Create a Teams channel message
await graphClient.Teams[teamId].Channels[channelId].Messages
    .PostAsync(new ChatMessage {
        Body = new ItemBody { Content = "Hello from Graph API!" }
    });

Configuration

Parameter	Description	Default
dotnet_version	.NET SDK version	8.0
auth_library	Authentication library (msal, identity-web)	microsoft-identity-web
graph_version	Microsoft Graph API version	v1.0
ide	Development environment (vs, vscode, rider)	vscode
tenant_type	Entra ID tenant (single, multi, b2c)	single

Best Practices

1. Use Microsoft.Identity.Web for authentication in ASP.NET Core. It wraps MSAL with ASP.NET Core middleware, handling token acquisition, caching, and refresh automatically. Configure it in Program.cs with AddMicrosoftIdentityWebApi() and your Entra ID settings.

2. Follow the Microsoft Graph SDK patterns, not raw HTTP calls. The Graph SDK handles pagination, retry logic, throttling (429 responses), and batching. Raw HTTP calls to Graph endpoints miss these built-in protections and require you to reimplement them.

3. Design multi-tenant applications from the start if needed. Converting a single-tenant app to multi-tenant requires significant auth and data isolation changes. Decide early whether your app serves one organization or many, and configure Entra ID registration accordingly.

4. Use Adaptive Cards for rich interactive content in Teams. Adaptive Cards render natively across Teams, Outlook, and other Microsoft surfaces. Design cards using the Adaptive Card Designer, then send them via Bot Framework or Graph API.

5. Implement proper consent flows for Graph API permissions. Application permissions run without user context and require admin consent. Delegated permissions run as the signed-in user and can use incremental consent. Choose the right permission type based on whether a user is present when the API call happens.

Common Issues

Graph API returns 403 Forbidden despite correct permissions. Permission configuration has three layers: API permission registration in Entra ID, admin consent grant, and token scope request. Verify all three match. For application permissions, admin consent is required. Check that the token actually contains the expected scopes using jwt.ms.

Teams bot doesn't receive messages in channels. Bots must be @mentioned in channels to receive messages (unlike 1:1 chats). Ensure your bot manifest has supportsFiles and scopes configured correctly, and handle OnMessageActivityAsync with mention-stripping logic.

Entity Framework migrations fail in production. Don't use Database.Migrate() in production startup code — it causes race conditions in scaled environments. Run migrations as a separate deployment step using dotnet ef database update in your CI/CD pipeline, before deploying the new application version.