Access session (UniversalBot.loadSession) and it's userData from tab

Hello! Is there any possibility to access the current session (UniversalBot.loadSession with an address object) and the associated userData when handling a request for a tab? There is microso...

Authentication

developer

microsoft teams

Former Employee

Jan 27, 2020

You can refer this sample code for authentication in message extension in node.js.

Here is a link for complete solution
https://github.com/microsoft/BotBuilder-Samples/tree/0bc30ed8ecdd8c82f2e20c48cc72426dd2100bc0/samples/javascript_nodejs/52.teams-messaging-extensions-search-auth-config

Hope it helps

dhoelzl

Copper Contributor

Jan 28, 2020

subhasish-MSFT

Thank you!

So with this I can access the session before teams retrieves an URL to the configuration page, so that I can attach an oAuth access token (or the id/aadObjectId) as URL parameter which later can be accessed when handling the GET-Request of the configuration page itself? May this be insecure?

Where is the documentation about that? I can see that the C#-equivalent is OnTeamsMessagingExtensionConfigurationQuerySettingUrlAsync (found at https://github.com/microsoft/botbuilder-dotnet/blob/master/libraries/Microsoft.Bot.Builder/Teams/TeamsActivityHandler.cs), but I cannot find any reference documentation for this. How does this interfere with the configured configurationUrl in the manifest?

I will try and play around with this.

Regards,

Dominik

Forum Discussion

Access session (UniversalBot.loadSession) and it's userData from tab