I want to call Rest API by querying DialogFlow.I am new to this any Help will be appreciated.
On how to interact with the google cloud platform dialogflow APIs, check out this Google Cloud Platform reference. According to this Google Cloud Platform reference, you may use the API for interactions, so that your service interacts directly with the end-user. For each conversational turn, your service sends end-user expressions to Dialogflow by calling the detectIntent or streamingDetectIntent method of the Sessions type. Dialogflow responds with information about the matched intent, the action, the parameters, and the response defined for the intent. Your service performs actions as needed (for example, database queries or external API calls) and sends a message to the end-user. This process continues until the conversation has ended.
To authenticate calls to Google Cloud Platform APIs, readup this resource Authentication overview. This page provides an overview of authentication in Google Cloud Platform (GCP) for application developers. It describes principals, application credentials, and various ways to authenticate calls to GCP APIs.
I hope this helps?
Related
My chatbot with Microsofts Bot Framework is online and working. It has an API, which is sadly publicly accessible.
But it shouldnt! The API should be secured and only accessible for Microsoft Accounts of my Tenant.
But most of the time the API is accessed by scripts.
Whats the best way to secure?
What is comfortable?
Like other public APIs, your API (your bot) needs to implement some form of user auth in order to validate authorized requests and reject unauthorized requests. Take a look at this sample (the C# version is linked, but the repo has samples in other languages) to see how you can implement user auth using the Microsoft Graph API. In addition to auth, Graph will also allow you to get info about the user, such as their Tenant ID (assuming your user logs-in and grants your bot permission). You can then implement whatever access controls are appropriate for your scenario.
I am developing an Azure bot for Microsoft teams, using Azure Bot Service, Bot registration channel setup. The messaging endpoint is an App Service that is authenticated with AAD login. Could some please help me understand how to call this authenticated endpoint from a bot? currently, I am testing it on Webchat and I get a 401 unauthorized error. I tried configuring the Oauth Setting in the bot as per this, but still getting 401.
Could someone please point to any concepts and documentation required here.
There is no need to enable the App service Authentication. Just follow this article to add authentication to your bot via Azure Bot service. Then logon is required when you use the bot.
Reference:
Azure AD integration with Bot Framework / teams
Microsoft Teams behaves somewhat differently than other channels in regards to OAuth and requires a few changes to properly implement authentication. Specifically an Invoke Activity is sent to the bot rather than the Event Activity used by other channels. This Invoke Activity must be forwarded to the dialog if the OAuthPrompt is being used. This is done by subclassing the TeamsActivityHandler and implementing handleTeamsSigninVerifyState. It is best advised to make use of the 46.teams-auth sample to set up OAuth in Teams.
Hope this helps.
I was wondering if it's possible to add more then one authentication provider to protect an API endpoint via Azure API gateway.
From the portal, it doesn't seem like it is possible since it only allows you to select one? Wonder if there is a workaround?
For example, I want a user to be able to sign in to google and as well as facebook via openIDConnect. Based on successful validate-jwt in the policy of the API be able to hit the actual endpoints.
Only one provider can be associated with an API at the moment. But this association does not affect runtime request processing in any way, it's purely for documentation and test console purposed. So if those are not important to you it should not be a big deal.
I want to store user information to a db after a user successfully logged in via a social provider (google, facebook, etc.) without calling an extra api on the client side.
In azure mobile services this is done by creating a class that inherity from e.g. GoogleLoginProvider and then by overwriting the CreateCredentials method.
See this post: Save information immediately after Google login in Azure Mobile Services (.NET Back-end)
But how can I archive the same behaviour in Azure App Services?
Thanks
Unfortunately this is not possible with App Service authentication. The authentication happens outside of your application and there aren't currently any direct hooks into the authentication pipeline. This also means you will not be able to inject custom claims into the ClaimsIdentity.
We are aware of some of these scenarios and want to try and address them, but don't have any timelines to share at this point. I believe the separate API call into the backend will be required in order for you to implement your registration. As far as implementing role-based access control, you will likely need to store the additional user metadata elsewhere.
I'm writing an in-house app and we're using some of the Google API's in Express/node.
Since I'm only going to use one google account (an email I made just for this purpose), what's the best authentication configuration to use?
It's a service account.
From the Google Developer Console create a service account for your app, the use the API key generated in your app.