Teams OAuth bot get stucked on token.botframework.com/api/oauth/PostSignInCallback URL.

Hasit Parmar 5 Reputation points
2024-07-22T07:38:49.3166667+00:00

I have created Teams bot without using Bot framework SDKs. i have setuped OAuth settings in Azure AI bot service with Generic OAuth provided, manually creates sign in urls in Teams bot and use that sign in url with adaptive cards to initiate user authentication.

After the successful login in third-party login page browser get stuck on https://token.botframework.com/api/oauth/PostSignInCallback url and shows validation code.

But i haven't added any code to validate this code and generate user access token? Any guidance on would be super helpful? Do i need to listen any bot activities specificallly to validate the code.User's image

Azure AI Bot Service
Azure AI Bot Service
An Azure service that provides an integrated environment for bot development.
842 questions
Microsoft Teams Development
Microsoft Teams Development
Microsoft Teams: A Microsoft customizable chat-based workspace.Development: The process of researching, productizing, and refining new or existing technologies.
3,342 questions
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. Kamil Krawczyk 235 Reputation points
    2024-07-22T09:40:35.0433333+00:00

    This happens because the Bot Framework's OAuth flow expects the bot to handle the validation code and exchange it for an access token.
    Solution:
    a. Implement a handler for the "signin/tokenExchange" activity in your bot:

    if (activity.name === 'signin/tokenExchange') {
    // Handle token exchange here
    }

    b. In this handler, use the validation code to request an access token from your OAuth provider.

    c. Once you have the access token, store it securely and associate it with the user.

    d. Send a message back to the user confirming successful authentication.

    You need to implement this token exchange logic on your bot's backend. The token.botframework.com page is not meant to be interacted with directly by the user.

    More:
    https://learn.microsoft.com/en-us/azure/bot-service/bot-builder-authentication?tabs=userassigned%2Caadv1%2Ccsharp&view=azure-bot-service-4.0
    https://learn.microsoft.com/en-us/microsoftteams/platform/bots/how-to/authentication/add-authentication?tabs=dotnet%2Cdotnet-sample


Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.