Securely passing data from the customer's backend to the Azure Health Bot server side.

Microsoft

When integrating with Azure Health Bot (AHB) in production-grade applications, you'll often need to write your own backend and frontend components. These components link your backend systems with AHB and transmit customer-specific data such as Web Chat tokens, end-user details, and other sensitive information required during the conversation flow. This data is encrypted and signed so that only your legitimate bot instance can decode and use it.


AHB provides exactly this kind of mechanism. You can check out this sample code on GitHub, which includes both the backend and frontend sample components.

Once a conversation is initiated on the client side of AHB, it prompts your backend to prepare and sign the necessary data for the conversation.

The server.js file contains the code that initiates a conversation session from your application's backend. For example, the snippet below from server.js passes an 'age' variable within an optionalAttributes object, but you can add any attributes you'd like:

//Add any additional attributes
response['optionalAttributes'] = {age: 33};

The backend then creates a payload that is signed into a JWT and sent back to the client side. The client forwards this JWT to the AHB session upon initiating the conversation. When AHB receives this token, it decodes and verifies it, then populates a conversation scope variable called "initConversationEvent".

To access this variable, refer to the example provided in a statement step. 

[Image: example of accessing initConversationEvent in a statement step]

Please note that this data is passed at the beginning of the conversation, and it's your responsibility to handle token expiration if relevant.
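
The signing step and the expiration point above, shown as an added example (this is not the GitHub sample's code or AHB's own verification logic). It assumes an HS256 JWT with a shared secret; the names signInitPayload, verifyInitPayload, DEMO_SECRET and the five-minute lifetime are hypothetical.

```javascript
// Added example: HS256 JWT signing and verification with Node's built-in crypto.
const crypto = require('node:crypto');

// Constructed sample values (hypothetical, not from the sample repository).
const DEMO_SECRET = 'constructed-demo-secret-do-not-reuse';
const T0 = Date.UTC(2024, 0, 1); // fixed clock so results are reproducible

const b64url = (obj) => Buffer.from(JSON.stringify(obj)).toString('base64url');
const hmac = (data, secret) => crypto.createHmac('sha256', secret).update(data).digest();

// Backend side: sign the session payload and give it a short lifetime.
function signInitPayload(claims, secret, ttlSeconds, now = Date.now()) {
  const iat = Math.floor(now / 1000);
  const signingInput =
    `${b64url({ alg: 'HS256', typ: 'JWT' })}.${b64url({ ...claims, iat, exp: iat + ttlSeconds })}`;
  return `${signingInput}.${hmac(signingInput, secret).toString('base64url')}`;
}

// Receiving side: check the signature first, then the algorithm and expiry.
function verifyInitPayload(token, secret, now = Date.now()) {
  const parts = token.split('.');
  if (parts.length !== 3) throw new Error('malformed token');
  const [header, body, sig] = parts;
  const expected = hmac(`${header}.${body}`, secret);
  const given = Buffer.from(sig, 'base64url');
  if (given.length !== expected.length || !crypto.timingSafeEqual(given, expected)) {
    throw new Error('bad signature');
  }
  const decode = (part) => JSON.parse(Buffer.from(part, 'base64url').toString('utf8'));
  if (decode(header).alg !== 'HS256') throw new Error('unexpected alg');
  const claims = decode(body);
  if (typeof claims.exp !== 'number' || Math.floor(now / 1000) >= claims.exp) {
    throw new Error('token expired');
  }
  return claims;
}

// Demo: same shape as the page's snippet, valid for five minutes.
const demoToken = signInitPayload({ optionalAttributes: { age: 33 } }, DEMO_SECRET, 300, T0);
console.log(verifyInitPayload(demoToken, DEMO_SECRET, T0 + 60_000).optionalAttributes);
```

A token built this way is integrity-protected, but its payload is only base64url-encoded, so anyone holding the token can read what the example puts in it.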
