I created a slack bot app. Now I am trying to figure out the difference between Bot User OAuth Token and Bot access token.
Those are the same thing! There's more information about the token types on the documentation site: https://api.slack.com/authentication/token-types
Related
This is a generalized concept question concerning obtaining information of the user in the bot chat. Preferably this would be through OpenID and to start with using Microsoft Accounts. We would want to be able to read User Display Name, User Email address, User Group Membership, etc. What is the best way to obtain this information in Azure Bot Framework? In MVC using OpenID to obtain ClaimsPrincipal is easy, but can this concept be used in Azure Bot Framework and are there any examples of this process?
There was a lot that went into this, but essentially I used an OAuth Connection on the Bot service to send the user to AADv2 endpoint to obtain the token. I then used that token to send to the GraphServiceClient method (part of Nuget package Microsoft.Graph) to obtain User information. This was granted by giving the app in Azure AD MS Graph User.Read API permissions.
I 'm creating a bot that running on telegram chanel. when user chatting with bot, it need to know who is chatting. so they must authenticate on my server.
i imagine that bot will send a button have a link of my authenticate endpoint (eg: https://localhost:8080/auth?code=abcd123a). user click to button then open the link in a browser that user logged in. Bot will know user identify because Bot and Server is using same database. But how bot know when user clicked to the link and be authenticated?
and is this pattern is effective (about the delay or UI)?
You could add authentication to your bot via Azure Bot Service via OAuth identity providers. Does your authenticate endpoint support OAuth? In that case, your flow will be:
Bot sends OAuth card, redirecting to your authenticate endpoint.
User logs in, OAuth server redirects to Bot Service token endpoint.
Bot Services retrieves token and handles token life-cycle.
Bot retrieves the activity with the token and can use it for authentication.
Read more about the Bot Framework Token Service.
The Azure Bot Service takes care of the OAuth controllers and login links, stores the target client IDs and secrets, and performs user token management. Otherwise, you would need to do all this overhead yourself in your own hosted OAuth controllers + manage the token life-cycle.
We are developing the bot application using Microsoft Bot framework and decided to use a website as a channel.
Question is, our website (Channel) is secured with Azure AD Authentication once user is logged in the website. How we can use the same authenticated user token for the Bot to authenticate the user.
Thanks
Here's a Web Chat sample that shows how to do Single Sign On (SSO) for apps that use Azure Active Directory (AAD)
Note that this is not an easy task, but it is possible.
For other users not using AAD:
SSO for Enterprise Apps sample
SSO for Teams Apps sample
I'm using oauth implicit flow to authorize google assistant user into the system.
The login flow goes like this:
If user is logging in for the first time, the assistant redirect it to my service where user provides its credentials and logs in. Upon successful login, my service generates a JWT token and sends it back to the google oauth endpoint.
Then user returns to the Google assistant with a message: "Your account has been linked to Google".
Now, the big problem is,
How can I logout the user once the token expires?
Or how can I revoke the token from Google Assistant so that it will again redirect the user to my service login page for authentication?
Try not to suggest Authorization code flow because existing architecture does not allow Authorization flow.
If you need more information then please comment below.
Found the solution.
You just have to send 401 Unauthorized Code from the your webhook. On receiving 401 Google automatically revokes the token and exits the application.
Then when user invokes the app again. User is asked to re-link his account with Google.
If you have further questions then comment below.
I am fetching the data from Yammer Using Rest api.
I am passing Bearer +"Yammer app developer Token" in the header.
Is it required to pass the token in SharePoint online since Both Yammer and SharePoint are in Office 365 Tenant.
If required how can i pass the token dynamically in the header instead of hard coding the token.
Many Thanks
You need to implement the process of getting user specific yammer access token, once you got the access token that will be valid for years. here is the process you can follow https://developer.yammer.com/docs/authentication-1click here