Aug 04 2022 09:56 AM
I am working on a direct line channel with Bot framework. I am getting the magic code every time when i do sign in with Oauth prompt.
As per the document we need to pass trusted origins in direct-line client. So I have tried by giving the ui url of web application. But still I am getting the magic token in all the browsers including Chrome , Firefox and Safari.
Can you please help on this
Aug 04 2022 10:35 PM
You may be able to achieve this by adding an Azure CLI task to your pipeline.
From here you have two options:
1) Use the az resource update
command:
az resource update --name web --resource-group myResourceGroup --namespace Microsoft.Web --resource-type config --parent sites/<app_name> --set properties.cors.allowedOrigins="['http://localhost:5000']" --api-version 2015-06-01
Tutorial: Host RESTful API with CORS - Azure App Service | Microsoft Docs
2) Use the az webapp cors
command:
az webapp cors add -g {myRG} -n {myAppName} --allowed-origins https://myapps.com
az webapp cors | Microsoft Docs
Thanks,
Prasad Das
--------------------------------------------------------------
If the response is helpful, please click "**Mark as Best Response**" and like it. You can share your feedback via Microsoft Teams Developer Feedback link. Click here to escalate
Aug 05 2022 01:03 AM
We have tried the Second option by updating the url of web app in which the application is hosted and also tried the below urls,
https://login.microsoftonline.com
https://directline.botframework.com
https://token.botframework.com
But still its not working.
Can we know which are the trusted origins we need to provide.
Aug 05 2022 03:16 AM
@Lakshmi_145 -With enhanced authentication options, you can statically specify the trusted domains (trusted origins) list in the Direct Line configuration page.
Connect a bot to Direct Line in Bot Framework SDK - Bot Service | Microsoft Docs
Aug 05 2022 07:17 AM
We have tried this already. Enabled Enhanced authentication option and provided the links which I mentioned and also the link of ui url where the application is hosted. But still we are getting the validation code while signing in
Aug 08 2022 04:10 AM
Aug 08 2022 05:24 AM
@Lakshmi_145 - We are checking with engineering team. We will inform you once we have any update. Thanks!
Aug 10 2022 03:23 AM
When can we expect an update. We are working on this feature and currently its in blocked state. It will be good if we get any update
Aug 11 2022 04:09 AM
@Lakshmi_145 - There is no such update from engineering team. We will inform you once we get any update. Thanks!
Aug 23 2022 10:48 AM
It appears that you are entering the incorrect domain for your trusted origin - it needs to be the domain that is hosting the webchat client. Additional information can be found in the documentation here: https://docs.microsoft.com/en-us/azure/bot-service/bot-builder-security-enhanced?view=azure-bot-serv...
Aug 23 2022 09:43 PM
In trusted origin we have provided the UI link for web application where we have hosted and enhanced authentication is working in Chrome, its not asking for magic token.
But in Chrome incognito , some times it shows magic token after sign in . Every time magic token is displayed in Firefox and safari .
Aug 30 2022 02:19 AM
Aug 30 2022 06:46 AM
I have checked in Firefox , Safari in both Mac and iOS , in all these , cookies was already allowed and i am getting the magic token after sign in.
I have attached the Safari settings in Mac.
Sep 19 2022 01:41 AM
@Lakshmi_145 - Please open a new issue on https://github.com/microsoft/BotFramework-WebChat/issues/