Forum Discussion

Iron Contributor

Aug 04, 2022

How to pass trusted Origin in Directline enhanced authentication

I am working on a direct line channel with Bot framework. I am getting the magic code every time when i do sign in with Oauth prompt. As per the document we need to pass trusted origins in direct-l...

developer

andrewclear

Microsoft

Aug 23, 2022

It appears that you are entering the incorrect domain for your trusted origin - it needs to be the domain that is hosting the webchat client. Additional information can be found in the documentation here: https://docs.microsoft.com/en-us/azure/bot-service/bot-builder-security-enhanced?view=azure-bot-service-4.0

Lakshmi_145

Iron Contributor

Aug 24, 2022

andrewclear

In trusted origin we have provided the UI link for web application where we have hosted and enhanced authentication is working in Chrome, its not asking for magic token.

But in Chrome incognito , some times it shows magic token after sign in . Every time magic token is displayed in Firefox and safari .

Also tried the below urls but still its showing validation code after every login

https://login.microsoftonline.com

https://directline.botframework.com

https://token.botframework.com

Prasad_Das-MSFT
Microsoft
Aug 30, 2022
Lakshmi_145 -

Are 3rd party cookies enabled?
They are required in order to eliminate the magic code flow https://github.com/microsoft/BotFramework-WebChat/issues/4274
- Lakshmi_145
  Iron Contributor
  Aug 30, 2022
  Prasad_Das-MSFT
  
  I have checked in Firefox , Safari in both Mac and iOS , in all these , cookies was already allowed and i am getting the magic token after sign in.
  I have attached the Safari settings in Mac.
  - Prasad_Das-MSFT
    Microsoft
    Sep 19, 2022
    Lakshmi_145 - Please open a new issue on https://github.com/microsoft/BotFramework-WebChat/issues/