I have seen a number of posts where developers want to have their clients talk to their Bot directly without using DirectLine, or alternatively emulate DirectLine within their intranet. The most common reason is that their companies are not cloud-ready.
Instead of asking HOW, I want to ask for more information about DirectLine that I can present back to my technology committee. How is direct line secured? How are messages encrypted? Are messages logged anywhere? Are messages retained anywhere at rest?
Can someone point me to a good source of this type of information?
Related
Does anyone know how to get the information about user device that access the bot deployed in S4B channel and built using MS Bot Framework (C#).
I need to know about the options to detect the user device (Device type and OS) accessing the Skype For Business Bot. If there's a way to know whether user device is desktop or mobile. In bot framework the User-Agent header formatted similar to the string below:
SFBUserAgent (Microsoft-BotFramework/3.1+https://botframework.com/ua)
(The user agent from Connector returns the following:
fxversion/4.7.2563.0 osname/windowsserver2016datacenter osversion/6.3.14393 microsoft.bot.connector.connectorclient/3.14.1.1)
I want to know if UCWA can be used to detect the device type accessing Skype For Business bot.
UCWA is not able to do so, actually no client or client-facing api can provide such information. It's because User-Agent information is not part of the presence so the client doesn't publish it to other clients. The main purpose of this User-Agent information is for monitoring reporting purpose.
However there is still some space from server side to allow us to do something. If you have access to the Skype for Business server, you have several workarounds.
Get-CsConnections.ps1 is a well-known script to pull current logged in user from Lync server side. It was written in 2011 while we only had Lync 2010, but good news is it works fine with new version of Lync like Lync Server 2013, Skype for Business server 2015. This script needs to be run in Lync/Skype management shell or a Powershell session with Lync/Skype modules imported. It needs to run by using an Lync/Skype admin account.
To retrieve user agent for a particular user by using sip uri.
$UserHomePool = (Get-CsUser -Identity [sip address]).RegistrarPool
Get-CsConnections.ps1 -SipAddress [sip address] -Pool $UserHomePool
Connections.ps1 is the prototype script of the above Get-CsConnections.ps1, it's simpler but doesn't provide advanced features. You can look at it and decide which one you need.
Do it yourself. If you don't want to use 3rd party script or just want to do it in a simplest and pure way, it's possible to do it by querying it from server database. Lync/Skype server stores this user agent information in the dynamic database in Front End server. It's in the table dbo.RegistrarEndpoint of the database rtcdyn of the instance rtclocal.
Please notice that there is no public document about the database schema so you need to do a little guess and hacking yourself. Good news is all data in the database is strored in readable format so it shouldn't be a big issue.
In a very rare chance that you are not wanting this information in real-time, the monitoring report and database can be the best approach. It's not real-time data, the data is generated within 10 mins after a conversation is ended.
If you want to get it from monitoring database, you should look at SessionDetails view for P2P conversation and ConferenceSessionDetails for conference conversation. There are straighforward fields in the views called something like UserClientType to point out the user agent information for the certain session.
At last one thing I would like to remind is Skype allows user to logged in multiple clients simultaneously, so no matter how you make it work you still need to face the question which logged in client really matters to you if the user has multiple clients logged in.
I am developing a customer service chatbot, using Azure's Bot Framework in .NET, using the the Messenger channel. I wanted to know if anyone knows what the best way to handle the handoff to a human on Zendesk (which my platform already uses as its CRM platform). I'm not looking for when to do the handoff, but how to manage what happens next.
What I would love to be able to do would be that so when handoff is needed, a ticket on Zendesk would be created, sending for example a file (the transcript of the conversation so far). Then the agent would be able to solve the customer's problem in that ticket, having a conversation with him, having the bot sending messages back and forth between zendesk and messenger.
I don't know if this has been done before, or if it's at all possible. And I'm free to other solutions to the problem of handling this kind of handoff, without having to create a separate "chat" for the customer service agents to use, like it's explained on the azure documentation.
Thank you for your patience while I researched this. I found this resource that I believe will meet your needs. This functionality is built off of the Bot Framework utilizing .NET (it's also available for Nodejs). There are two available methods to connect a client to an agent.
The first (which should apply to you) aggregates different channels into one allowing an agent to pickup in the same channel where the bot handed off. The second opens a new channel when an agent joins the conversation.
Intermediator Bot
I was able to spin up a bot using this and confirmed the bot was listening for outside traffic.
Hope this helps.
Steve.
One thing that I'm about to try is this:
Bot conversation ends.
Bot service calls an Azure Function, passing the conversation content.
The Azure Function integrates with Trello API, creating an entry on a Kanban board.
So, instead of Trello as I want to do, you can make a call to the Zendesk API.
I'm writing a few articles about developing Azure bots. The next two actually are dealing with these very things. You can find out more here. sign up if you'd like to get notified over the next week or so when the new tutorials are online.
Hope that helps!
Tim
I am new to Twilio and tasked with evaluating whether to switch from our current service which is CDyne.
We have an application that uses SMS to interact with clients on behalf of staff using two-way SMS. The app automatically launches SMSs at certain trigger events and based upon the responses from clients decides what to do next - including asking further questions of the client. The SMS gateway I use currently allows me to include a reference id in outgoing messages. This id is returned when someone replies to the message. This makes it dead easy to look up everything related to the incoming message and form a decision and reply. Twilio does not seem to have anything similar. In fact, it does not even return the SMS ID of the original message which seems to make it a pain to determine the relation. I understand you could potentially look up the FROM and TO and trace it back, but with multiple phone numbers being used for the same client (staff can send messages directly too using a different phone number and there are several numbers being used for mass text messages), this is potentially (very) hazardous.
Question 1: Is there any (good) solution to this issue in Twilio, and
Question 2: If not, why not??? (It seems pretty obvious and simple to include a reference to the initiating SMS in the reply)
This is one of the many features that CDYNE offers at no cost to their customers.
To my knowledge, Twilio doesn't offer this feature.
For additional information on SMS Notify!'s additional free features, check out CDYNE's wiki.
So I want to create some sort of anonymous chat application. The model includes a single server (centralized) and multiple clients.
The server takes no records of the chat and also no records of who has connected amd such to maximise privacy the messages are also encrypted. You get the idea.
Now, my question was: say someone sent a link to a warez site or something deemed somewhat questionable or outright illegal. Who would get into trouble? The server owner or the client? Take into account that the server only provides a means to communicate between clients and holds no information other than the brief time it needs to receive and send.
Same thing with bots connecting to the server and using it for a communication portal for a botnet.
Thanks in advance.
I'm working on a web service that would use an SMS gateway to receive instructions from customers. Since this would be a commercial product I would like to implement a safeguard to protect our system from SMS spoofs. I don't want people impersonating others by spoofing their number.
I've noticed that Twitter allows people to tweet through text messages, how can they make sure that messages are actually genuine?
Is this possible, and if so how do I accomplish this? Or should I ignore this and just deal with it through support should they get through.
How do users spoof their numbers? Every service I've seen that allows users to interact from their phone requires a validation process first (like this). And carriers won't let you send messages through their system from a device they don't know. SMS gateways also provide safeguards to prevent spoofing. So I'm not sure how big a problem this will be for you. I would worry about it once you start encountering it.
Unfortunately with services like Spoofcard it is sometimes possible for someone to spoof an sms message. Spoofcard even works in the US even though US carriers have historically been better at blocking spoofed text messages. You can try it yourself at their site. I was able to spoof a text message to/from a tmobile number.
The solution is to implement a verfication question/text for the user to answer but this will cost you/them an additional text message.
Fogmo, a popular SMS spoofing site, allow you to contact them and add any number to a 'blacklist'. This would ensure that your customers' phones won't be spoofed to, or from. It's well worth contacting them (and similar sites) to request this.