diff --git a/Packs/MicrosoftTeams/.secrets-ignore b/Packs/MicrosoftTeams/.secrets-ignore
index 764622a8112c..a0d0fec71a40 100644
--- a/Packs/MicrosoftTeams/.secrets-ignore
+++ b/Packs/MicrosoftTeams/.secrets-ignore
@@ -24,4 +24,10 @@ MmFiOWM3OTYtMjkwMi00NWY4LWI3MTItN2M1YTYzY2Y0MWM0IyNlZWY5Y2IzNi0wNmRlLTQ2OWItODdj
 MmFiOWM3OTYtMjkwMi00NWY4LWI3MTItN2M1YTYzY2Y0MWM0IyNlZWY5Y2IzNi0wNmRlLTQ2OWItODdjZC03MGY0Y2JlMz6Jk45=
 MmFiOWM3OTYtMjkwamii00NWY4LWI3MTItN2M1YTYzY2Y0MWM0IyNlZWY5Y2IzNi0wNmRlLTQ2OWItODdjZC03MGY0Y2JlMzJkM123=
 MCMjMCMjZGNkMjE5ZGQtYmM2OC00YjliLWJmMGItNGEzM2E3OTZiZTM1IyMxOTowOWRkYzk5MC0zODIxLTRjZWItODAxOS0yNGQzOTk5OGY5M2VfNDhkMzE4ODctNWZhZC00ZDczLWE5ZjUtM2MzNTZlNjhhMDM4QHVucS5nYmwuc3BhY2VzIyM0OGQzMTg4Ny01ZmFkLTRkNzMtYTlmNS0zYzM1NmU2OGEwMzg=
-https://make.powerautomate.com
\ No newline at end of file
+https://make.powerautomate.com
+https://ext-
+http://ext-
+http://IP
+https://IP
+https://my
+https://dns-test.name
\ No newline at end of file
diff --git a/Packs/MicrosoftTeams/Integrations/MicrosoftTeams/MicrosoftTeams.py b/Packs/MicrosoftTeams/Integrations/MicrosoftTeams/MicrosoftTeams.py
index 94bd192fa30d..b6d879f5b855 100644
--- a/Packs/MicrosoftTeams/Integrations/MicrosoftTeams/MicrosoftTeams.py
+++ b/Packs/MicrosoftTeams/Integrations/MicrosoftTeams/MicrosoftTeams.py
@@ -46,6 +46,7 @@ class FormType(Enum):  # Used for 'send-message', and by the MicrosoftTeamsAsk s
 
 INCIDENT_TYPE: str = PARAMS.get('incidentType', '')
 URL_REGEX = r'(?<!\]\()https?://[^\s]*'
+XSOAR_ENGINE_URL_REGEX = r'\bhttps?://(?:\w+[\w.-]*\w+|\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}):\d+(?:/(?:\w+/)*\w+)?'
 ENTITLEMENT_REGEX: str = \
     r'(\{){0,1}[0-9a-fA-F]{8}\-[0-9a-fA-F]{4}\-[0-9a-fA-F]{4}\-[0-9a-fA-F]{4}\-[0-9a-fA-F]{12}(\}){0,1}'
 MENTION_REGEX = r'^@([^@;]+);| @([^@;]+);'
@@ -722,8 +723,11 @@ def get_graph_access_token() -> str:
     tenant_id = integration_context.get('tenant_id')
     if not tenant_id:
         raise ValueError(
-            'Did not receive tenant ID from Microsoft Teams, verify the messaging endpoint is configured correctly. '
-            'See https://xsoar.pan.dev/docs/reference/integrations/microsoft-teams#troubleshooting for more information'
+            'Did not receive a tenant ID from Microsoft Teams. Verify that the messaging endpoint in the Demisto bot '
+            'configuration in Microsoft Teams is configured correctly.\nUse the `microsoft-teams-create-messaging-endpoint` '
+            'command to get the correct messaging endpoint based on the server URL, the server version, and the instance '
+            'configurations.\nFor more information See - '
+            'https://xsoar.pan.dev/docs/reference/integrations/microsoft-teams#troubleshooting.'
         )
     headers = None
     url: str = f'https://login.microsoftonline.com/{tenant_id}/oauth2/v2.0/token'
@@ -2646,8 +2650,11 @@ def ring_user():
     tenant_id: str = integration_context.get('tenant_id', '')
     if not tenant_id:
         raise ValueError(
-            'Did not receive tenant ID from Microsoft Teams, verify the messaging endpoint is configured correctly. '
-            'See https://xsoar.pan.dev/docs/reference/integrations/microsoft-teams#troubleshooting for more information'
+            'Did not receive a tenant ID from Microsoft Teams. Verify that the messaging endpoint in the Demisto bot '
+            'configuration in Microsoft Teams is configured correctly.\nUse the `microsoft-teams-create-messaging-endpoint` '
+            'command to get the correct messaging endpoint based on the server URL, the server version, and the instance '
+            'configurations.\nFor more information See - '
+            'https://xsoar.pan.dev/docs/reference/integrations/microsoft-teams#troubleshooting.'
         )
     # get user to call name and id
     username_to_call = demisto.args().get('username')
@@ -2774,6 +2781,117 @@ def long_running_loop():
             time.sleep(5)
 
 
+def token_permissions_list_command():
+    """
+    Gets the Graph access token stored in the integration context and displays the token's API permissions in the war room.
+
+    Use-case:
+    This command is ideal for users encountering insufficient permissions errors when attempting to
+    execute an integration command.
+    By utilizing this command, the user can identify the current permissions associated with their token (app), compare them to
+    the required permissions for executing the desired command (detailed in the integration's docs), and determine any additional
+    permissions needed to be added to their application.
+    """
+    # Get the used token from the integration context:
+    access_token: str = get_graph_access_token()
+
+    # Decode the token and extract the roles:
+    if access_token:
+        decoded_token = jwt.decode(access_token, options={"verify_signature": False})
+
+        if AUTH_TYPE == CLIENT_CREDENTIALS_FLOW:
+            roles = decoded_token.get('roles', [])
+
+        else:  # Authorization code flow
+            roles = decoded_token.get('scp', '')
+            roles = roles.split()
+
+        if roles:
+            roles = sorted(roles)
+            hr = tableToMarkdown(f'The current API permissions in the Teams application are: ({len(roles)})',
+                                 roles, headers=['Permission'])
+        else:
+            hr = 'No permissions obtained for the used graph access token.'
+
+    else:
+        hr = 'Graph access token is not set.'
+
+    demisto.debug(f"'microsoft-teams-token-permissions-list' command result is: {hr}")
+
+    result = CommandResults(
+        readable_output=hr
+    )
+
+    return_results(result)
+
+
+def create_messaging_endpoint_command():
+    """
+    Generates the messaging endpoint, based on the server url, the server version and the instance configurations.
+
+    The messaging endpoint should be added to the Demisto bot configuration in Microsoft Teams as part of the Prerequisites of
+    the integration's set-up.
+    Link to documentation: https://xsoar.pan.dev/docs/reference/integrations/microsoft-teams#1-using-cortex-xsoar-or-cortex-xsiam-rerouting
+    """
+    server_address = ''
+    messaging_endpoint = ''
+
+    # Get instance name and server url:
+    urls = demisto.demistoUrls()
+    instance_name = demisto.integrationInstance()
+    xsoar_url = urls.get('server', '')
+    engine_url = demisto.args().get('engine_url', '')
+
+    if is_using_engine():  # In case of an XSOAR engine user - The user must provide the engine address.
+        if not engine_url:
+            raise ValueError("Your instance configuration involves a Cortex XSOAR engine.\nIn that case the messaging endpoint "
+                             "that should be added to the Demisto bot configuration in Microsoft Teams is the engine's IP "
+                             "(or DNS name) and the port in use, in the following format - `https://IP:port` or `http://IP:port`."
+                             " For example - `https://my-engine.name:443`, `http://1.1.1.1:443`.\nTo test the format validity run"
+                             " this command with your engine's URL set as the value of the `engine_url` argument.")
+
+        elif engine_url and not re.search(XSOAR_ENGINE_URL_REGEX, engine_url):  # engine url is not valid
+            raise ValueError("Invalid engine URL - Please ensure that the `engine_url` includes the IP (or DNS name)"
+                             " and the port in use, and that it is in the correct format: `https://IP:port` or `http://IP:port`.")
+        else:
+            messaging_endpoint = engine_url
+
+    elif engine_url:  # engine_url was unnecessarily set
+        raise ValueError("Your instance configuration doesn't involve a Cortex XSOAR engine, but an `engine_url` was set.\n"
+                         "If you wish to run on an engine - set this option in the instance configuration. Otherwise, delete "
+                         "the value of the `engine_url` argument.")
+
+    elif is_xsoar_on_prem():
+        messaging_endpoint = urljoin(urljoin(xsoar_url, 'instance/execute'), instance_name)
+
+    else:  # XSIAM or XSOAR SAAS
+        # Add the 'ext-' prefix to the xsoar url
+        if xsoar_url.startswith('http://'):
+            server_address = xsoar_url.replace('http://', 'http://ext-', 1)
+        elif xsoar_url.startswith('https://'):
+            server_address = xsoar_url.replace('https://', 'https://ext-', 1)
+
+        messaging_endpoint = urljoin(urljoin(server_address, 'xsoar/instance/execute'), instance_name)
+
+        if is_xsiam():
+            # Replace the '.xdr-' with '.crtx-' for XSIAM tenants
+            messaging_endpoint = messaging_endpoint.replace('.xdr-', '.crtx-', 1)
+
+    hr = f"The messaging endpoint is:\n `{messaging_endpoint}`\n\n The messaging endpoint should be added to the Demisto bot"\
+         f" configuration in Microsoft Teams as part of the prerequisites of the integration's setup.\n"\
+         f"For more information see: [Integration Documentation](https://xsoar.pan.dev/docs/reference/integrations/microsoft-teams#create-the-demisto-bot-in-microsoft-teams)."
+
+    demisto.debug(
+        f"The messaging endpoint that should be added to the Demisto bot configuration in Microsoft Teams is:"
+        f"{messaging_endpoint}")
+
+    result = CommandResults(
+        readable_output=hr
+    )
+
+    return_results(result)
+
+
 def validate_auth_code_flow_params(command: str = ''):
     """
     Validates that the necessary parameters for the Authorization Code flow have been received.
@@ -2870,8 +2988,9 @@ def main():   # pragma: no cover
         'microsoft-teams-channel-user-list': channel_user_list_command,
         'microsoft-teams-user-remove-from-channel': user_remove_from_channel_command,
         'microsoft-teams-generate-login-url': generate_login_url_command,
-        'microsoft-teams-auth-reset': reset_graph_auth
-
+        'microsoft-teams-auth-reset': reset_graph_auth,
+        'microsoft-teams-token-permissions-list': token_permissions_list_command,
+        'microsoft-teams-create-messaging-endpoint': create_messaging_endpoint_command
     }
 
     commands_auth_code: dict = {
diff --git a/Packs/MicrosoftTeams/Integrations/MicrosoftTeams/MicrosoftTeams.yml b/Packs/MicrosoftTeams/Integrations/MicrosoftTeams/MicrosoftTeams.yml
index 2f43fcb57d32..7fc968022e9e 100644
--- a/Packs/MicrosoftTeams/Integrations/MicrosoftTeams/MicrosoftTeams.yml
+++ b/Packs/MicrosoftTeams/Integrations/MicrosoftTeams/MicrosoftTeams.yml
@@ -717,7 +717,24 @@ script:
   - description: Run this command if you need to rerun the authentication process.
     name: microsoft-teams-auth-reset
     arguments: []
-  dockerimage: demisto/teams:1.0.0.112095
+  - description: |-
+      Retrieves the API permissions associated with the used graph access token. 
+      
+      Note: Use this command if you encounter insufficient permissions error when attempting to execute an integration command.
+       Compare the permissions list obtained for the token with the permissions required for the desired command (can be found in the integration documentation). If there are missing API permissions, add them to your application, and then run the `microsoft-teams-auth-reset` command (as described here - https://xsoar.pan.dev/docs/reference/integrations/microsoft-teams#microsoft-teams-auth-reset).
+    name: microsoft-teams-token-permissions-list
+    arguments: []
+  - description: |-
+      Generates the messaging endpoint, based on the server URL, the server version, and the instance configurations. 
+      
+      Note: The messaging endpoint should be added to the Demisto bot configuration in Microsoft Teams as part of the prerequisites of the integration's setup. For more information, see - https://xsoar.pan.dev/docs/reference/integrations/microsoft-teams#create-the-demisto-bot-in-microsoft-teams.
+    name: microsoft-teams-create-messaging-endpoint
+    arguments:
+      - description: |-
+         If your instance configuration involves a Cortex XSOAR engine, provide the engine's IP (or DNS name) and the port in use in the following format - `https://IP:port` or `http://IP:port`.
+         For example - `https://my-engine.name:443`, `http://1.1.1.1:443`.   
+        name: engine_url
+  dockerimage: demisto/teams:1.0.0.116912
   longRunning: true
   longRunningPort: true
   script: ''
diff --git a/Packs/MicrosoftTeams/Integrations/MicrosoftTeams/MicrosoftTeams_test.py b/Packs/MicrosoftTeams/Integrations/MicrosoftTeams/MicrosoftTeams_test.py
index 540fa0cf7a4b..62c2c8c40017 100644
--- a/Packs/MicrosoftTeams/Integrations/MicrosoftTeams/MicrosoftTeams_test.py
+++ b/Packs/MicrosoftTeams/Integrations/MicrosoftTeams/MicrosoftTeams_test.py
@@ -2471,3 +2471,204 @@ def test_add_data_to_actions_non_dict_data():
     data_value = "string_data"
     add_data_to_actions(card_json, data_value)
     assert card_json["data"] == data_value
+
+
+@pytest.mark.parametrize('token, decoded_token, auth_type, expected_hr', [
+    ('dummy_token',
+     {'aud': 'url', 'exp': '1111', 'roles': ['AppCatalog.Read.All', 'Group.ReadWrite.All', 'User.Read.All']},
+     'Client Credentials',
+     'The current API permissions in the Teams application are'),
+    ('dummy_token',
+     {'aud': 'url', 'exp': '1111', 'roles': []},
+     'Client Credentials',
+     'No permissions obtained for the used graph access token.'),
+    ('dummy_token',
+     {'aud': 'url', 'exp': '1111', 'scp': 'AppCatalog.Read.All Group.ReadWrite.All User.Read.All'},
+     'Authorization Code',
+     'The current API permissions in the Teams application are'),
+    ('dummy_token',
+     {'aud': 'url', 'exp': '1111', 'scp': ''},
+     'Authorization Code',
+     'No permissions obtained for the used graph access token.'),
+    ('',
+     {'roles': []},
+     'Client Credentials',
+     'Graph access token is not set.')
+])
+def test_token_permissions_list_command(mocker, token, decoded_token, auth_type, expected_hr):
+    """
+    Tests the 'token_permissions_list_command' logic:
+    For client credentials auth flow, the API permissions are found under the 'roles' key in the decoded token data,
+    while for the auth code flow they are found under the 'scp' key.
+    This test checks that we extract the API permissions from the graph access token successfully for both auth types.
+
+    Given:
+        1. A dummy token, mocked response of the jet.decode func with API permissions roles under the 'roles' key -
+           (auth type is client credentials).
+        2. A dummy token, mocked response of the jet.decode func without API permissions roles under the 'roles' key -
+           (auth type is client credentials).
+        3. A dummy token, mocked response of the jet.decode func with API permissions roles under the 'scp' key -
+           (auth type is Authorization Code).
+        4. A dummy token, mocked response of the jet.decode func without API permissions roles under the 'scp' key -
+           (auth type is Authorization Code).
+        5. Missing token.
+    When:
+        - Running the token_permissions_list_command.
+    Then:
+        Verify that the human readable output is as expected:
+        1. API permissions list.
+        2. No permissions obtained for the used graph access token.
+        3. API permissions list.
+        4. No permissions obtained for the used graph access token.
+        5. Graph access token is not set.
+    """
+    from MicrosoftTeams import token_permissions_list_command
+    import MicrosoftTeams
+    mocker.patch('MicrosoftTeams.get_graph_access_token', return_value=token)
+    mocker.patch('MicrosoftTeams.AUTH_TYPE', new=auth_type)
+    mocker.patch('jwt.decode', return_value=decoded_token)
+    results = mocker.patch.object(MicrosoftTeams, 'return_results')
+
+    token_permissions_list_command()
+
+    assert expected_hr in results.call_args[0][0].readable_output
+
+
+@pytest.mark.parametrize('xsoar_server, is_xsoar_on_prem, is_xsiam, expected_hr', [
+    ('https://dns-test.name:443', True, False, 'https://dns-test.name:443/instance/execute/teams'),
+    ('https://viso-test-dummy.crtx-qa-ttt.ss.paloaltonetworks.com', False, False,
+     'https://ext-viso-test-dummy.crtx-qa-ttt.ss.paloaltonetworks.com/xsoar/instance/execute/teams'),
+    ('http://viso-test-dummy.crtx-qa-ttt.ss.paloaltonetworks.com', False, False,
+     'http://ext-viso-test-dummy.crtx-qa-ttt.ss.paloaltonetworks.com/xsoar/instance/execute/teams'),
+    ('https://viso-test-dummy.xdr-qa-ttt.ss.paloaltonetworks.com', False, True,
+     'https://ext-viso-test-dummy.crtx-qa-ttt.ss.paloaltonetworks.com/xsoar/instance/execute/teams'),
+    ('http://viso-test-dummy.xdr-qa-ttt.ss.paloaltonetworks.com', False, True,
+     'http://ext-viso-test-dummy.crtx-qa-ttt.ss.paloaltonetworks.com/xsoar/instance/execute/teams'),
+    ('http://viso-test-dummy.crtx-qa-ttt.ss.paloaltonetworks.com', False, True,
+     'http://ext-viso-test-dummy.crtx-qa-ttt.ss.paloaltonetworks.com/xsoar/instance/execute/teams'),
+],
+    ids=["Test xsoar 6 server url",
+         "Test xsoar 8 server url (with https:// prefix)",
+         "Test xsoar 8 server url (with http:// prefix)",
+         "Test xsiam server url (with https:// prefix)",
+         "Test xsiam server url (with http:// prefix)",
+         "Test xsiam server url without the '.xdr-' string in the dns name"
+         ])
+def test_create_messaging_endpoint_command(mocker, xsoar_server, is_xsoar_on_prem, is_xsiam, expected_hr):
+    """
+    Tests the 'create_messaging_endpoint_command' logic.
+
+    Given:
+        1. An xsoar 6 server url.
+        2. An xsoar 8 server url (with https:// prefix).
+        3. An xsoar 8 server url (with http:// prefix).
+        4. An xsiam server url (with https:// prefix).
+        5. An xsiam server url (with http:// prefix).
+        6. An xsiam server url without the '.xdr-' string in the dns name.
+
+    When:
+        - Running the create_messaging_endpoint_command.
+    Then:
+        Verify that the messaging endpoint was created as expected:
+        1. The 'instance/execute/teams' suffix was added.
+        2. The 'ext' prefix was added to the dns name, and the 'xsoar/instance/execute/teams' suffix was added.
+        3. The 'ext' prefix was added to the dns name, and the 'xsoar/instance/execute/teams' suffix was added.
+        4. The 'ext' prefix was added to the dns name, the 'xdr-' was replaced with 'crtx-' and the 'xsoar/instance/execute/teams'
+           suffix was added.
+        5. The 'ext' prefix was added to the dns name, the 'xdr-' was replaced with 'crtx-' and the 'xsoar/instance/execute/teams'
+           suffix was added.
+        6. The 'ext' prefix was added to the dns name, and the 'xsoar/instance/execute/teams' suffix was added.
+    """
+    from MicrosoftTeams import create_messaging_endpoint_command
+    import MicrosoftTeams
+    mocker.patch.object(demisto, 'demistoUrls', return_value={'server': xsoar_server})
+    mocker.patch.object(demisto, 'integrationInstance', return_value="teams")
+    mocker.patch.object(demisto, 'args', return_value={'engine_url': ''})
+    mocker.patch('MicrosoftTeams.is_xsoar_on_prem', return_value=is_xsoar_on_prem)
+    mocker.patch('MicrosoftTeams.is_xsiam', return_value=is_xsiam)
+    mocker.patch('MicrosoftTeams.is_using_engine', return_value=False)
+    results = mocker.patch.object(MicrosoftTeams, 'return_results')
+
+    create_messaging_endpoint_command()
+
+    assert expected_hr in results.call_args[0][0].readable_output
+
+
+@pytest.mark.parametrize('engine_url, is_xsoar_on_prem, is_xsiam, expected_hr', [
+    ('https://my-engine.com:333', True, False, 'https://my-engine.com:333'),
+    ('https://my-engine.com:333', False, False, 'https://my-engine.com:333'),
+    ('https://my-engine.com:333', False, True, 'https://my-engine.com:333'),
+    ('https://1.1.1.1:333', False, True, 'https://1.1.1.1:333')
+],
+    ids=["Test xsoar 6 engine url",
+         "Test xsoar 8 engine url",
+         "Test xsiam engine url",
+         "Test xsoar engine url - with IP",
+         ])
+def test_create_messaging_endpoint_command_for_xsoar_engine(mocker, engine_url, is_xsoar_on_prem, is_xsiam, expected_hr):
+    """
+    Tests the 'create_messaging_endpoint_command' logic when the user uses an xsoar engine.
+
+    Given:
+      - An xsoar engine url.
+
+    When:
+        - Running the create_messaging_endpoint_command on:
+            1. xsoar 6
+            2. xsoar 8
+            3. xsiam
+        4. The engine url include an IP and not a DNS name.
+    Then:
+        Verify that the messaging endpoint was created as expected - only the engine url and port (without any suffix).
+    """
+    from MicrosoftTeams import create_messaging_endpoint_command
+    import MicrosoftTeams
+    mocker.patch.object(demisto, 'demistoUrls', return_value={'server': 'https://test-server.com:443'})
+    mocker.patch.object(demisto, 'integrationInstance', return_value="teams")
+    mocker.patch.object(demisto, 'args', return_value={'engine_url': engine_url})
+    mocker.patch('MicrosoftTeams.is_xsoar_on_prem', return_value=is_xsoar_on_prem)
+    mocker.patch('MicrosoftTeams.is_xsiam', return_value=is_xsiam)
+    mocker.patch('MicrosoftTeams.is_using_engine', return_value=True)
+    results = mocker.patch.object(MicrosoftTeams, 'return_results')
+
+    create_messaging_endpoint_command()
+
+    assert expected_hr in results.call_args[0][0].readable_output
+
+
+@pytest.mark.parametrize('engine_url', [
+    ('https://my-engine.com'),
+    ('my-engine.com:333'),
+    ('https://my engine.com:433'),
+],
+    ids=["Test engine url without a port",
+         "Test engine url without an http or https prefix",
+         "Test engine url with spaces in the dns name",
+         ])
+def test_create_messaging_endpoint_command_invalid_xsoar_engine(mocker, engine_url):
+    """
+    Tests the 'create_messaging_endpoint_command' logic when the user uses an xsoar engine, and provides an invalid engine url.
+
+    Given:
+      - An invalid engine URL:
+        1. without a port.
+        2. without an http:// or https:// prefix
+        3. with a space in the dns name
+
+    When:
+        - Running the create_messaging_endpoint_command.
+
+    Then:
+        Verify that a valueError exception is raised with the error description.
+    """
+    from MicrosoftTeams import create_messaging_endpoint_command
+    import MicrosoftTeams
+    mocker.patch.object(demisto, 'demistoUrls', return_value={'server': 'https://test-server.com:443'})
+    mocker.patch.object(demisto, 'integrationInstance', return_value="teams")
+    mocker.patch.object(demisto, 'args', return_value={'engine_url': engine_url})
+    mocker.patch('MicrosoftTeams.is_using_engine', return_value=True)
+    mocker.patch.object(MicrosoftTeams, 'return_results')
+
+    with pytest.raises(ValueError) as e:
+        create_messaging_endpoint_command()
+    assert 'Invalid engine URL -' in str(e.value)
diff --git a/Packs/MicrosoftTeams/Integrations/MicrosoftTeams/README.md b/Packs/MicrosoftTeams/Integrations/MicrosoftTeams/README.md
index 0ad1e07fc97e..5a0cb8baca45 100644
--- a/Packs/MicrosoftTeams/Integrations/MicrosoftTeams/README.md
+++ b/Packs/MicrosoftTeams/Integrations/MicrosoftTeams/README.md
@@ -57,13 +57,12 @@ When [installing the bot in Microsoft Teams](#add-the-demisto-bot-to-a-team), ac
 3. Check the **long running instance** parameter in the integration instance configuration.
 4. Set the **port** parameter. It's under the Connect section in the integration instance configuration.
 5. If using the same bot from the XSOAR 6 instance, make sure to remove the bot from the team and to add it back:
-   a. Go to the Microsoft Teams app.
-   b. Go to your team, and click the three dots next to the name.
-   c. Go to **manage team** > **apps**.
-   d. Find your bot, and click the three dots in the same row.
-   e. Click **remove**.
-   f. Add the bot to the team.
-
+    1. Go to the Microsoft Teams app.
+    2. Go to your team, and click the three dots next to the name.
+    3. Go to **manage team** > **apps**.
+    4. Find your bot, and click the three dots in the same row.
+    5. Click **remove**.
+    6. Add the bot to the team.
 
 ## Setup Examples
 
@@ -78,6 +77,8 @@ For Cortex XSOAR version 8 and Cortex XSIAM: `https://ext-<CORTEXT-XSOAR-SERVER-
 
 The integration instance name, `teams` in this example, needs to be configured in the [Configure Microsoft Teams on Cortex XSOAR](#configure-microsoft-teams-on-cortex-xsoar) step. Make sure to set the instance name in all lowercase letters and as one word.
 
+- Note: You can use the `microsoft-teams-create-messaging-endpoint` command to generate the messaging endpoint, based on the server URL, the server version, and the instance configurations. For more information, see -[microsoft-teams-create-messaging-endpoint documentation](https://xsoar.pan.dev/docs/reference/integrations/microsoft-teams#microsoft-teams-create-messaging-endpoint).
+
 The port to be configured in [Configure Microsoft Teams on Cortex XSOAR](#configure-microsoft-teams-on-cortex-xsoar) step should be any available port that is not used by another service.
 
 In addition, make sure ***Instance execute external*** is enabled (for Cortex XSOAR 6.x).
@@ -164,7 +165,7 @@ Before you can create an instance of the Microsoft Teams integration in Cortex X
 6. Click **Review + Create**, and wait for the validation to pass.
 7. Click **create** if the validation has passed, and wait for the deployment to finish.
 8. Under Next Steps, click **Go to resource**.
-9. Navigate to **Configuration** on the left bar, and fill in the **Messaging Endpoint**.
+9. Navigate to **Configuration** on the left bar, and fill in the **Messaging Endpoint**. (To get the correct messaging endpoint based on the server URL, the server version, and the instance configurations. use the `microsoft-teams-create-messaging-endpoint`command).
 10. Store the **Microsoft App ID** value for the next steps, and navigate to **Manage** next to it.
 11. Click **New Client Secret**, fill in the **Description** and **Expires** fields as desired. Then click **Add**.
 12. Copy the client secret from the **value** field and store it for the next steps.
@@ -1118,6 +1119,63 @@ There are no input arguments for this command.
 
 There is no context output for this command.
 
+### microsoft-teams-token-permissions-list
+***
+Retrieves the API permissions associated with the used graph access token. 
+
+Use this command if you encounter insufficient permissions error when attempting to execute an integration command. Compare the permissions list obtained for the token with the permissions required for the desired command (can be found in the integration documentation). If there are missing API permissions, add them to your application, and then run the `microsoft-teams-auth-reset` command (as described here - [microsoft-teams-auth-reset docs](https://xsoar.pan.dev/docs/reference/integrations/microsoft-teams#microsoft-teams-auth-reset)).
+
+##### Base Command
+
+`microsoft-teams-token-permissions-list`
+
+##### Input
+There are no input arguments for this command.
+
+##### Context Output
+There is no context output for this command.
+
+##### Command Example
+```!microsoft-teams-token-permissions-list```
+
+##### Human Readable Output
+>### The API permissions obtained for the used graph access token are:
+>| Permission          |
+>|---------------------|
+>| Group.ReadWrite.All |
+>| User.Read.All       |
+>| Channel.Create      |
+
+
+### microsoft-teams-create-messaging-endpoint
+***
+Generates the messaging endpoint, based on the server URL, the server version, and the instance configurations. 
+
+The messaging endpoint should be added to the Demisto bot configuration in Microsoft Teams as part of the prerequisites of the integration's setup. For more information see - [Integration Documentation](https://xsoar.pan.dev/docs/reference/integrations/microsoft-teams#create-the-demisto-bot-in-microsoft-teams).
+
+##### Base Command
+
+`microsoft-teams-create-messaging-endpoint`
+
+##### Input
+
+| **Argument Name**   | **Description**                                                                 | **Required** |
+|---------------------|---------------------------------------------------------------------------------|--------------|
+| engine_url          | If your instance configuration involves a Cortex XSOAR engine, provide the engine's IP (or DNS name) and the port in use in the following format - `https://IP:port` or `http://IP:port`. For example - `https://my-engine.name:443`, `http://1.1.1.1:443`. | Optional     | 
+
+##### Context Output
+There is no context output for this command.
+
+##### Command Example
+```!microsoft-teams-create-messaging-endpoint```
+
+##### Human Readable Output
+>### The messaging endpoint is: 
+>|```https://ext-viso-test.crtx-qa-uat.us.paloaltonetworks.com/xsoar/instance/execute/teams-instance```
+>
+> The messaging endpoint should be added to the Demisto bot configuration in Microsoft Teams as part of the prerequisites of the integration's setup.
+> For more information see: [Integration Documentation](https://xsoar.pan.dev/docs/reference/integrations/microsoft-teams#create-the-demisto-bot-in-microsoft-teams)."
+
 
 ## Running commands from Microsoft Teams
 You can run Cortex XSOAR/Cortex XSIAM commands, according to the user permissions, from Microsoft Teams in a mirrored investigation channel.
@@ -1140,7 +1198,7 @@ Note: To enrich an incident created via the Demisto BOT (`new incident` command)
     This probably means that there is a connection issue, and the web server does not intercept the HTTPS queries from Microsoft Teams.
 
     To troubleshoot:
-   1. Verify that the messaging endpoint is configured correctly according to the method you chose in the [Setup Examples](#setup-examples) step.
+   1. Verify that the messaging endpoint is configured correctly according to the method you chose in the [Setup Examples](#setup-examples) step. If the configuration method you have chosen is rerouting, use the `microsoft-teams-create-messaging-endpoint`command ([microsoft-teams-create-messaging-endpoint documentation](https://xsoar.pan.dev/docs/reference/integrations/microsoft-teams#microsoft-teams-create-messaging-endpoint)) to get the correct messaging endpoint based on the server URL, the server version, and the instance configurations.
    2. Verify the Docker container is up and running and publish the configured port to the outside world:
 
        From the Cortex XSOAR / Cortex XSOAR engine machine run: `docker ps | grep teams`
@@ -1165,7 +1223,9 @@ Note: To enrich an incident created via the Demisto BOT (`new incident` command)
 
    6. In some cases, a connection is not created between Teams and the messaging endpoint when adding a bot to the team. You can work around this problem by adding any member to the team the bot was added to (the bot should be already added to the team). This will trigger a connection and solve the issue. You can then remove the member that was added.
 
-2. If you see the following error message: `Error in API call to Microsoft Teams: [403] - UnknownError`, then it means the AAD application has insufficient permissions.
+2. If you see the following error message: `Error in API call to Microsoft Teams: [403] - UnknownError`, it means the AAD application has insufficient permissions. 
+To retrieves the API permissions associated with the used graph access token you can run the `microsoft-teams-token-permissions-list` command ([microsoft-teams-token-permissions-list documentation](https://xsoar.pan.dev/docs/reference/integrations/microsoft-teams#microsoft-teams-token-permissions-list)).
+Compare the permissions list obtained for the token with the permissions required for the command you wish to execute (can be found in the command documentation). If there are missing API permissions, add them to your application, and then run the `microsoft-teams-auth-reset` command (as described here - [microsoft-teams-auth-reset documentation](https://xsoar.pan.dev/docs/reference/integrations/microsoft-teams#microsoft-teams-auth-reset)).
 
 3. Since the integration works based on Docker port mapping, it can't function if the Docker is set to run with the host networking (`--network=host`). For more details, refer to the [Docker documentation](https://docs.docker.com/network/host/).
 
diff --git a/Packs/MicrosoftTeams/ReleaseNotes/1_5_7.md b/Packs/MicrosoftTeams/ReleaseNotes/1_5_7.md
new file mode 100644
index 000000000000..ba2ea633af7b
--- /dev/null
+++ b/Packs/MicrosoftTeams/ReleaseNotes/1_5_7.md
@@ -0,0 +1,8 @@
+
+#### Integrations
+
+##### Microsoft Teams
+
+- Added the ***microsoft-teams-token-permissions-list*** command which retrieves the API permissions associated with the used graph access token.
+- Added the ***microsoft-teams-create-messaging-endpoint*** command which generates the messaging endpoint, based on the server URL, the server version, and the instance configurations.
+- Updated the Docker image to: *demisto/teams:1.0.0.116912*.
diff --git a/Packs/MicrosoftTeams/pack_metadata.json b/Packs/MicrosoftTeams/pack_metadata.json
index 67c9185b9daf..e2cd38a1ba43 100644
--- a/Packs/MicrosoftTeams/pack_metadata.json
+++ b/Packs/MicrosoftTeams/pack_metadata.json
@@ -2,7 +2,7 @@
     "name": "Microsoft Teams",
     "description": "Send messages and notifications to your team members.",
     "support": "xsoar",
-    "currentVersion": "1.5.6",
+    "currentVersion": "1.5.7",
     "author": "Cortex XSOAR",
     "url": "https://www.paloaltonetworks.com/cortex",
     "email": "",