How to pass trusted Origin in Directline enhanced authentication


I am working on a Direct Line channel with Bot Framework. I am getting the magic code every time I sign in with the OAuth prompt.

As per the document, we need to pass trusted origins in the Direct Line client. So I have tried giving the UI URL of the web application. But I am still getting the magic token in all the browsers, including Chrome, Firefox and Safari.

Can you please help with this?

13 Replies

@Lakshmi_145 -

You may be able to achieve this by adding an Azure CLI task to your pipeline.

From here you have two options:

1) Use the az resource update command:

az resource update --name web --resource-group myResourceGroup --namespace Microsoft.Web --resource-type config --parent sites/<app_name> --set properties.cors.allowedOrigins="['http://localhost:5000']" --api-version 2015-06-01

Tutorial: Host RESTful API with CORS - Azure App Service | Microsoft Docs

2) Use the az webapp cors command:

az webapp cors add -g {myRG} -n {myAppName} --allowed-origins https://myapps.com

az webapp cors | Microsoft Docs



Thanks, 

Prasad Das


@Prasad_Das-MSFT 

 

We have tried the second option by updating the URL of the web app in which the application is hosted, and also tried the URLs below:

https://login.microsoftonline.com

https://directline.botframework.com

https://token.botframework.com 

But it's still not working.

 

Can we know which trusted origins we need to provide?

 

@Lakshmi_145 - With enhanced authentication options, you can statically specify the trusted domains (trusted origins) list in the Direct Line configuration page.
Connect a bot to Direct Line in Bot Framework SDK - Bot Service | Microsoft Docs

@Prasad_Das-MSFT 

 

We have tried this already. We enabled the Enhanced authentication option and provided the links which I mentioned, and also the UI URL where the application is hosted. But we are still getting the validation code while signing in.

@Prasad_Das-MSFT 

 

Is there any update on this?

@Lakshmi_145 - We are checking with engineering team. We will inform you once we have any update. Thanks!

@Prasad_Das-MSFT 

When can we expect an update? We are working on this feature and currently it's in a blocked state. It would be good if we get any update.

@Lakshmi_145 - There is no such update from engineering team. We will inform you once we get any update. Thanks!

It appears that you are entering the incorrect domain for your trusted origin - it needs to be the domain that is hosting the webchat client. Additional information can be found in the documentation here: https://docs.microsoft.com/en-us/azure/bot-service/bot-builder-security-enhanced?view=azure-bot-serv...
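
The check suggested in the reply above, as an added example that is not part of the thread and is not Bot Framework code: it reduces the URL of the page hosting Web Chat to its origin and compares it with a configured trusted-origins list. It assumes entries are matched as web origins (scheme, host, port); the function names and sample URLs are constructed for illustration.

```javascript
// Added example, not code from the thread or from Bot Framework.
// Assumption: a trusted-origin entry is matched as a web origin
// (scheme + host + port), with no path, query or fragment.

// Reduce a URL to its origin; return null for anything that is not http(s).
function toOrigin(value) {
  let url;
  try {
    url = new URL(String(value).trim());
  } catch {
    return null; // not an absolute URL, e.g. "myapps.com"
  }
  if (url.protocol !== 'https:' && url.protocol !== 'http:') return null;
  return url.origin; // drops path, query, fragment and the default port
}

// Compare the configured list with the page that embeds the Web Chat client.
function auditTrustedOrigins(hostPageUrl, configured) {
  const pageOrigin = toOrigin(hostPageUrl);
  if (!pageOrigin) throw new Error('host page URL must be absolute http(s)');
  const report = { pageOrigin, matches: false, invalid: [], notHostPage: [], normalised: [] };
  for (const entry of configured) {
    const origin = toOrigin(entry);
    if (!origin) { report.invalid.push(entry); continue; }
    if (origin !== pageOrigin) { report.notHostPage.push(entry); continue; }
    report.matches = true;
    // Entry points at the right site but carries a path or port to strip.
    if (origin !== entry) report.normalised.push({ entry, origin });
  }
  return report;
}

// Constructed sample: the host page and the kinds of entries tried in the thread.
const sample = auditTrustedOrigins('https://myapps.com/support/chat.html?lang=en', [
  'https://login.microsoftonline.com',
  'https://directline.botframework.com',
  'https://token.botframework.com',
  'https://myapps.com/support/chat.html',
  'myapps.com',
]);
console.log(JSON.stringify(sample, null, 2));
```

Entries reported under `notHostPage` are origins other than the page that hosts the client, and entries under `normalised` show the origin form to configure instead of a full page URL.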

@andrewclear 

 

In trusted origin we have provided the UI link for the web application where we have hosted it, and enhanced authentication is working in Chrome; it's not asking for the magic token.

But in Chrome incognito, sometimes it shows the magic token after sign-in. The magic token is displayed every time in Firefox and Safari.

 
Also tried the URLs below, but it's still showing the validation code after every login.
 

@Lakshmi_145 -

Are 3rd party cookies enabled?
They are required in order to eliminate the magic code flow: https://github.com/microsoft/BotFramework-WebChat/issues/4274

@Prasad_Das-MSFT 

 

I have checked in Firefox and Safari on both Mac and iOS. In all of these, cookies were already allowed, and I am getting the magic token after sign-in.

I have attached the Safari settings in Mac.