Forum Discussion
karamem0
May 28, 2024Brass Contributor
Supports API-Key or X-Functions-Key in API-based message extension
Hi all, I am tring to imprement a Teams app with API-based message extension. The backend of the API is Azure Funtions HTTP trigger and requires an API key. The API-based message extension supports ...
karamem0
May 28, 2024Brass Contributor
My idea is Teams detects OpenAPI Security Schema when specified authType: apiSecretServiceAuth.
OpenAPI Specification v3.0.1 | Introduction, Definitions, & More
manifest.json
"composeExtensions": [
{
"composeExtensionType": "apiBased",
"authorization": {
"authType": "apiSecretServiceAuth",
"apiSecretServiceAuthConfiguration": {
"apiSecretRegistrationId": "9xxxxb0f-xxxx-40cc-xxxx-15xxxxxxxxx3"
}
}
swagger.json
"securitySchemes": {
"apikeyheader_auth": {
"type": "apiKey",
"name": "X-Functions-Key",
"in": "header"
}
}
Prasad_Das-MSFT
Microsoft
May 29, 2024karamem0 - To achieve your requirements, we recommend you give your feedback in Teams Feedback Portal.
- karamem0May 30, 2024Brass Contributor
Thank you for replying, I will post the feedback.
As a workaround, I can convert Beaer token to X-Functions-Key header using APIM.
<set-header name="X-Functions-Key" exists-action="override"> <value>@(Regex.Match(context.Request.Headers.GetValueOrDefault("Authorization",""), "^Bearer (?<key>.+)$").Groups["key"]?.Value)</value> </set-header>