When calling this as an OBO-enabled endpoint:

• Use the OBO User Authenticate token for sessionToken.

• An OBO application must include the Primary User Identity (GET_BASIC_USER_INFO) permission, along with all other required authentication and permissions. See App Authenticate and OBO-Enabled Endpoints.

See Bot Permissions for a list of roles and associated privileges.