Does the messaging endpoint of bot need to be anonymous?
Any help is greatly appreciated.
If you are using bot framework v4 SDK and when you register a bot in the Azure portal, for example via the Bot Channels Registration, this authentication automatically performed. So, you don't need to explicitly write any code. If you want to restrict the use of bot to users belonging to your tenant you can add authentication to a bot using OAuth. Please go through this documentation for reference.
My understanding is that requests to your /api/messages endpoint include a JWT bearer token issued by the bot framework. The SDK will check this for you.
This appears to be the code where it performs the validation:
https://github.com/microsoft/botbuilder-js/blob/fc5dcc535855cf453b0ebf373121277d824ff840/libraries/botbuilder/src/botFrameworkAdapter.ts#L1180
If you're implementing without the SDK, then you will need to do the JWT verification.
Related
I have a Microsoft teams bot and I am looking for the best way for me to authenticate incoming requests since I just have an exposed endpoint. Would it be possible to make the incoming requests from Teams to my bot, have custom headers with custom authentication?
You would need to implement user authentication into your bot to control access to those commands and resources which require access to a specific user's data. Here is the documentation on user auth in bot builder to get you started.
I am struggling to get my teams bot to work with my azure app service with Authentication enabled.
Here is my setup:
I have a teams bot that reacts to some events in the team. I also have an azure web app that has an endpoint /api/messages that listens to bot messages. There is an Azure Bot Channels Registration that wires those two together.
It all works fine until I enable EasyAuth in my web app to authenticate with Azure AD (I need this because there are other endpoints in this web app that need to be secured). With authentication in web app enabled, bot messages do not reach the web app, and I cannot find any errors in logs either.
I tried to add different OAuth Connection Settings in my Bot Channels Registration, and also Allowed Token Audiences in auth settings in web app, but I haven't found a setup that works yet.
Could someone please tell me how this should be configured? Thank you in advance.
please refer to Azure App Service Authentication / Authorization (Easy Auth) guidance: https://github.com/cgillum/easyauth
The admin API setting: https://github.com/cgillum/easyauth/wiki
Advanced Application Settings: https://github.com/cgillum/easyauth/wiki/Advanced-Application-Settings
If you need more details, I would highly suggest you go through the official document: https://learn.microsoft.com/en-us/azure/app-service/overview-authentication-authorization
I have a problem in integrating LiveAgent (A customer support/ticketing web application) and MS BotFramework.
The botframework in Azure works fine and ready to integrate with it.
Here are what I guessed/supposed to be the architecture
LiveAgent will do a HTTP POST (they have API for that) to MS Azure Bot Endpoint (NodeJS Application - like: https://<ms_azure_link>/api/messages)
When Azure receives the POST, it will match the intent, running the normal dialogflow, and return necessary response (text, hero card, image etc.), until the end of conversation.
Here are my questions:
When LiveAgent wants to connect to Azure, which endpoint should be used? The api/messages or something called DirectLine API 3.0?
Actually the DirectLine API will return something like this:
{
"conversationId": "3M3TeaDtc3uArxXwlna7AG",
"token": "<My token>",
"expires_in": 1800,
"streamUrl": "wss://directline.botframework.com/v3/directline/conversations/3M3TeaDtc3uArxXwlna7AG/stream?watermark=-&t=ubeJVCXqb9I.dAA.MwBNADMAVABlAGEARAB0AGMAMwB1AEEAcgB4AFgAdwBsAG4AYQA3AEEARwA.7UpMr6Tm0wE.9RmCM_XyjII.CQbU7viSec2P7CtznrijQwou0A8N0GynOvnsUmNT04o",
"referenceGrammarId": "669c7246-bc5c-f25f-aae7-0ad7f39e25b4"
}
As you can see, after you connect using DirectLine, you need to proceed using WebSocket.
So how to connect to this WebSocket thing using LiveAgent? For your information, LiveAgent only suppots HTTP GET/POST to custom URL.
If we don't use DirectLine API, that I will use MS Azure Bot Endpoint.. Now the question becomes: what should be passed to this endpoint so that LiveAgent can authorize itself and using the Bot as usual? Any example on that? DirectLine API Example seems not talking about this.
Thank you very much in advance. I know that this question may not be illustrated well but, hope that you can understand.
If you have any question, please let me know, I am glad to clarify that.
Thank you very much again for all your help.
If you want to treat LiveAgent as a bot client and to make some request against to your bot application. We suggust you to leverage DirectLine APIs.
To implement with DirectLine API via Node.js, you can start with the sample at https://github.com/Microsoft/BotBuilder-Samples/tree/master/Node/core-DirectLine/DirectLineClient
Specially to your second question, to keep a conversation with bot, the web socket stream is not required, unless you want to Receive activities via WebSocket stream
You can refer to the code block from the official DL code sample, which doesn't keep the web socket stream, and only leverage the conversationId and token to make HTTP requests against to bot application.
We did similar solution using MS BOT Chat SDK without DirectLine using windows selfservicehost service. We are interface from left side to MS BOT and to another CRM from right side. When do you say LiveAgent - is it Salesforce solution?
I have a chat bot that is deployed in SAP Cloud Platform which answers using an NLP.
I want to integrate Dialogflow small talk with it using APIs.
I have created a project in Dialogflow and able to use small talk. However, I need APIs to call this small talk in a HTML5 applicaiton.
Is it possible to use small talk using APIs or is it only available with Dialogflow and if APIs are available, How to consume them?
I have tried dialogflow.projects.getAgent in Google API Explorer which gives me response but in postman I am getting following error as I am unable to generate API Key:
Request had invalid authentication credentials. Expected OAuth 2 access token, login cookie or other valid authentication credential
Please help.
Thanks
Looks like you have two questions:
How do you properly authenticate a Dialogflow v2 API request
there are two versions of Dialogflow's API: v1 and the v2 beta.
You might consider using the v1 API if you're having trouble using the v2 API as it uses much simpler client and developer access tokens. If you'd like to use v2 though, see Dialogflow's v2 authentication guide.
is there a way to get a Dialogflow agent's response via an API call
there is an API to query a Dialogflow agent and get a response back. In Dialogflow's v2 API its called detectIntent and for v1 its called query
is it possible to secure a bot from microsofts botframework with azure ad or just active directory?
Will it be possible to just publish the bot for one company?
Kind regards,
prog1
Try taking a look at the Facebook Auth sample bot (here). It showcases OAuth authentication using Facebook graph API. (I've seen a bot that uses Active Directory, but don't have a sample handy.)