How to add SSO to an Azure bot on Microsoft Teams
I followed the documented steps to enable bot SSO:
- Created a bot.
- Added Microsoft Teams under Channels.
- Under Configuration added the messaging endpoint. e.g. (https://myproxy.proxyapp.com/teams/app/activity).
- Generated a client secret for the Microsoft app id.
- Added "https://token.botframework.com/.auth/web/redirect" as the Redirect URI for Web platform under Authentication for my Microsoft App.
- Under API Permissions for my Microsoft App added "email offline_access openid profile". "User.Read" was available by default.
- Under Expose an API added "api://botid-{Microsoft app id}". Added scope "access_as_user". Added web (1fec8e78-bce4-4aaf-ab1b-5451cc387264) and desktop (5e3ce6c0-2b1f-4285-8d4b-75ee78787346) client applications.
- In the Manifest file for my Microsoft app updated "accessTokenAcceptedVersion": 2.
- For my bot added an OAuth Connection as below
- Created an app on Microsoft Teams and associated my Microsoft App Id as the bot id. Attached is the manifest for my Microsoft Teams app.
When I install this app to Microsoft Teams, the bot is shown in the chat tab, which is expected. Further, the document says, as a 1st step, "The bot sends a message with an OAuthCard that contains the tokenExchangeResource property." How can I achieve this?
When I type "Hi" for the very 1st time on the bot, I receive the below JSON at my messaging endpoint:
```json
{
  "text": "hi",
  "textFormat": "plain",
  "attachments": [{"contentType": "text/html", "content": "<div>hi</div>"}],
  "type": "message",
  "timestamp": "2021-10-05T18:27:21.5454867Z",
  "localTimestamp": "2021-10-05T23:57:21.5454867+05:30",
  "id": "1633458441515",
  "channelId": "msteams",
  "serviceUrl": "https://smba.trafficmanager.net/in/",
  "from": {
    "id": "29:1kR5UGDG5iTFhsVadKAadeYuzsLEhMYK_YFxb7_Y62nAilJVLIMiPtC8oLrGGyK7wZTaFc8-jlVxJq3q0bpoBMw",
    "name": "Ashish Sood",
    "aadObjectId": "3836************************be046"
  },
  "conversation": {
    "conversationType": "personal",
    "tenantId": "1734*************************bb8ecf",
    "id": "a:1xMOdsbv02hfl2J4GUGA7-WemaLGCOxFlzsSNcQ9StjIMAAKn64tJ0zxKk25b02NMTl3rc7nbNffMZGXVYfraNIDKnptC01oeLRv7Ngh2WMCyOrmBT2KaDleQXSU2s4MY"
  },
  "recipient": {"id": "28:18c9**********************02b9", "name": "NOW_Virtual_Agent_SSO_Bot"},
  "entities": [{"locale": "en-GB", "country": "GB", "platform": "Mac", "timezone": "Asia/Calcutta", "type": "clientInfo"}],
  "channelData": {"tenant": {"id": "1734************************b8ecf"}},
  "locale": "en-GB",
  "localTimezone": "Asia/Calcutta"
}
```
How do I use this JSON to complete the 6 steps mentioned at auth-aad-sso-bots?
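
The first step quoted in the question (a reply carrying an OAuthCard with `tokenExchangeResource`), together with a check on the `signin/tokenExchange` invoke that Teams sends back, as an added Python example that is not part of the original post. `sign_in_link` and `token_exchange_resource` are assumed to have been obtained from the Bot Framework Token Service for the bot's OAuth connection; the helper names, the connection name and the placeholder ids are constructed for illustration.

```python
from urllib.parse import quote

# Constructed sample: the fields of the incoming Teams activity that a reply needs
# (ids are placeholders, serviceUrl is the one shown in the post).
INCOMING = {
    "type": "message", "id": "1633458441515", "channelId": "msteams",
    "serviceUrl": "https://smba.trafficmanager.net/in/",
    "from": {"id": "29:user-placeholder", "name": "User"},
    "recipient": {"id": "28:bot-placeholder", "name": "Bot"},
    "conversation": {"conversationType": "personal", "id": "a:conv-placeholder"},
}

def build_oauth_card_reply(incoming, connection_name, sign_in_link, token_exchange_resource):
    """Return (post_url, reply_activity) carrying an OAuthCard for `incoming`."""
    card = {
        "contentType": "application/vnd.microsoft.card.oauth",
        "content": {
            "text": "Sign in to continue",
            "connectionName": connection_name,
            # Assumption: id/uri come from the token service for this connection.
            "tokenExchangeResource": token_exchange_resource,
            "buttons": [{"type": "signin", "title": "Sign in", "value": sign_in_link}],
        },
    }
    reply = {
        "type": "message",
        "from": incoming["recipient"],      # the bot is now the sender
        "recipient": incoming["from"],
        "conversation": incoming["conversation"],
        "replyToId": incoming["id"],
        "attachments": [card],
    }
    # Bot Connector reply endpoint; the POST must carry the bot's own bearer token.
    url = "{}/v3/conversations/{}/activities/{}".format(
        incoming["serviceUrl"].rstrip("/"),
        quote(incoming["conversation"]["id"], safe=""),
        quote(incoming["id"], safe=""),
    )
    return url, reply

def is_expected_token_exchange(invoke, sent_resource_id, connection_name):
    """Accept only the signin/tokenExchange invoke that answers the card we sent."""
    value = invoke.get("value") or {}
    return (
        invoke.get("type") == "invoke"
        and invoke.get("name") == "signin/tokenExchange"
        and value.get("id") == sent_resource_id
        and value.get("connectionName") == connection_name
        and bool(value.get("token"))
    )
```

The bot stores the `id` of the `tokenExchangeResource` it sent so that a later invoke carrying a different id, a different connection name or no token is rejected before any token exchange is attempted.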