We are creating a chat bot using Azure in SharePoint and using it as iframe in spfx. We need to get the SharePoint current logged in user in azure.
Steps followed to create the chat bot:
Created chatbot using azure bot framework.
Called rest api to interact with SharePoint.
Using Iframe in SharePoint SPFx extension to showcase the chatbot on site.
How to get the SharePoint current Logged-in user in bot framework?
Here is a doc and repo that can help you for share point SSO. OAuth services to support user sign-in and SSO. Below is the sample for S2S and user auth. Check out the whole list https://github.com/Microsoft/BotBuilder-Samples.
Bot-authentication demonstrates how to integrate OAuth providers for user authenticated flows.
As the bot runs in the SPFx environment, you can get the current user info as below sample:
https://github.com/pnp/sp-dev-fx-webparts/blob/master/samples/react-bot-framework-sso/webpart/src/webparts/botFrameworkChatSSO/components/BotFrameworkChatSSO.tsx
const userId = props.context.pageContext.user.loginName;
Or you can call the Rest API or Graph API to get the current user in SPFX.
Connect to SharePoint APIs
Pnp Get Current user
BR
Related
I am implementing a social management tool.
LIKE there are 2 businesses BUSINESS_A and BUSINESS_B. Both of their Facebook pages are created using the same Facebook account (fb-page#xyz.com).
And the Facebook App I have created using fb-integration#xyz.com.
Now, I can not give fb-pages#xyz.com or fb-integration#xyz.com credentials to both businesses.
How can I generate an access key server side, without the user login as they are not the creator?
If I make their Email Id as admin on the page. Will that work?
I am working on teams bot in node js i need to authenticate the user who invoke the message and get their access token to access the web api which use the same AAD can any one help me in this.
The Microsoft Graph Azure AD API should help you with managing Azure AD login and tokens.
You can also take a look at Authentication in bots for an overview of how auth works in the Bot Framework as well as related docs on setting up SSO.
Trying to deploy a bot developed in MS bot framework v4.0 on SharePoint online page. Users need to login to SharePoint to access the bot, therefore, can't add an authentication at bot level as users have to login twice that will result in poor user experience.
Integration is done with the help of token fetched by calling Web Chat Bot connector API with Web Chat channel 'Security Key'. Followed Option 1 in the documentation.
Issue
SharePoint being a client-side app poses a threat of channel 'Security Key' being exposed i.e. it can be fetched in browser's developer tools and can be used to integrate our bot on their website.
I have already Tried
Minify the javascript and add it to the web part, it makes it difficult to read 'Security Key' but not impossible.
Single Sigh-On(SSO), SSO is not possible without an OAutCard at bot level, so trying to avoid it.
Create a trigger/ function app to hide bot connector rest call and only expose token but it requires some additional cost on resources.
I did not find a way to pass SharePoint logged in user context or token from SharePoint to the bot.
Expectation
To secure channel 'Security Key' so that it can't be accessed in the developer tool.
or
Find a way to pass SharePoint logged in user context or token from SharePoint to the bot and validate the same at the bot end.
or
Hide the rest call to bot connector API through a free trigger in SharePoint online.
Open to any other solution or suggestion as well.
There is no way to get the access token in SPFx. The only solution I have found with SPO/SPFx, is to utilize SPFx to give user context to the bot, and do calls via app-only graph application in the bot. You could (in theory) add code logic to limit the calls etc to graph/SharePoint using that context (username, site name, web name).
I'm using the Nodejs SDK of Microsoft Bot Framework, and I'm trying to a ChatBot that has a Sign In Card in where the user will be redirected to a browser which will then require the user to login his/her account to a 3rd Party API.
I saw this GitHub repository: https://github.com/MicrosoftDX/botauth (BotAuth) which makes it possible to do a 3rd party authentication within the Chatbot using different providers such as Facebook, Dropbox, Pinterest and etc.
In my case, I need to add a custom provider which is not available in BotAuth. Is there a way to do this using BotAuth - Nodejs, or is there any available package that can help me solve this?
Is it possible to flow the user credentials from a CRM plug-in to a web API hosted in Azure?
I'm working on a project where a Dynamics CRM plug-in will make a call to a custom ASP.Net Core 2.0 Web API hosted in the same Azure tenant.
I have no Dynamics CRM experience; we have a team member who has done a lot of CRM integration, but he's always used a service account to connect to the other application.
I'm trying to avoid that.
Ideally, this web API would perform some work using the credentials of the CRM user, since the user's credentials will be valid in both CRM and the web API.
I would really like to have the user's credentials (such as email) come from a trusted authority and not just passed by the caller. I already have code that pulls the user's email (for example) from the user's Claims (from another part of the project).
In my perfect scenario, the plug-in code would pass the user's OpenID Connect to the web API; but I've found nothing that indicates that CRM supports OpenID Connect.
I have seen articles that talk about calling CRM from an external application using Oauth, but nothing that shows CRM calling a service with any kind of token-based authentication.
A fallback would be to use an OAuth bearer token, and have the plug-in pass the user's information to the web API.
Does anyone have any information on how to flow the CRM user's credentials to a web API call, or acquiring a bearer token to pass to a web API?
Thanks