create user token to teams bot

Brass Contributor

Hi, I have one question about generate access token to a bot. I'm testing that using a azure bot to send greeting chat message automatically when it's added into a chat channel. I read the document that only user-level token can be used to send chat messages.I tried to add authentication to bot but it seems create token to signed in user instead of bot.  Is there any way to create access token to the bot? 

3 Replies

@ChenguangHe -To communicate with the Bot Connector service, you must specify an access token in the Authorization.
Request an access token based on your bot's application type-

  • As a user-assigned managed identity, so that you don't need to manage the bot's credentials yourself.
  • As a single-tenant app.
  • As a multi-tenant app.

Multitenant-

POST https://login.microsoftonline.com/{tenant}/oauth2/v2.0/token
Host: login.microsoftonline.com
Content-Type: application/x-www-form-urlencoded

grant_type=client_credentials&client_id=MICROSOFT-APP-ID&client_secret=MICROSOFT-APP-PASSWORD&scope=https%3A%2F%2Fapi.botframework.com%2F.default

The app can use the refresh token to get a new access token when the current one expires.

https://login.microsoftonline.com/{tenant}/oauth2/v2.0/authorize?
client_id=11111111-1111-1111-1111-111111111111
&response_type=code
&redirect_uri=http%3A%2F%2Flocalhost%2Fmyapp%2F
&response_mode=query
&scope=offline_access%20user.read%20mail.read
&state=12345

The grant type is client_credential, I think the token is app token instead of user token.

And when I check the token by getting /me, the response is the info of the account which i login in. What I want is that assign a user token to the bot so the bot can send chat messages to any member in thread without user joining in.

@ChenguangHe -

Microsoft Teams bots are conversational bots that run repetitive automated tasks done by the users, such as customer service. The user needs to sign in multiple times without single sign-on (SSO) authentication. With SSO authentication methods, the users don't need to sign in to the bot multiple times.

You can refer the below sample-https://github.com/OfficeDev/Microsoft-Teams-Samples/tree/main/samples/bot-conversation-sso-quicksta...

Step by step guide-Build a bot with SSO authentication - Teams | Microsoft Learn