Hi I am new to Dialogflow. I am trying to do the following
I am trying to create a simple bot application which would use a webhook to connect to an external service (hosted on my local webserver/ company server).
Based on the documentation Docs it seems that the service has to be publicly accessible. Can I do this?
Thank you
Yes, the webhook server must be at a publicly accessible HTTPS address.
If you are trying to use an internal server that is not available to the public Internet, you may wish to look into a tunneling service such as ngrok.
Related
Hello Everyone!
As you can see in the image, that's essentially the architecture I'm planning but I'm having some doubts.
I need to create a publicly accessible API layer which also needs to access an On-Premise SQL database via Express Route. Express Route connection has already been established.
After doing a some digging, I found that in order to make the Web API access the on-premise database I need to integrate the App Service which is hosting the Web API using VNet integration with the virtual network connected with Express Route. However, I have a couple of questions.
Is VNet integration enough to establish a successful TCP 1433 communication between Web API and on-premise DB? If not please let me know what other services I should configure?
Will I lose public access to the web API? If so what would be the best way to make the Web API public?
Appreciate any help and thank you for taking the time!
You can use VNet integration, but you might also want to look at simply setting firewall restrictions on your DB. You can open up access to the DB for the IP ranges of your Azure App Service. Depending on the App Service Plan you're on, there is a list of 10 - 15 outbound IPs which you might want to whitelist. This gives your API access to the database while the database is still being protected from being public access.
If you want to make your API publicly accessible (at least on some routes) you need to open up your API to everyone. I think the best way to go would be to set up authorization for the routes you want to protect. For example with token/bearer authentication. This way, you make your API accessible, but you require authentication for some routes. You can handle the authentication in your Angular JS app, with something like Auth0 or other OpenID providers.
Given I have a HTTP (non-secure) web server up and running with the public address 111.111.111.11:80.
Are there any / what Microsoft Azure products, where I can setup my own custom domain (mydomain.com) as a HTTPS front/reverse proxy to my web server without buying my own certificate?
(Currently, I am using Cloudflare Crypto to achieve this, so I am investigating if Microsoft Azure can achieve this as well in an easy way)
As far as I know, the recommended Azure way to do this would be to use Application Gateway and a CNAME for the custom domain. This question also has some information on using a custom domain for Application Gateway.
However, if you want to use a custom domain, you will need to buy a certificate. You can do this through Azure as well. You can then use the certificate for the Application Gateway.
Edit: Sorry, Application Gateway does not seem to support the static public IP in your scenario. You would need to work around that. It might be easier to go a different route then...
I'm trying to access a third party service from Azure App Services (ideally Functions, but a Web App would do). However this service is hosted on a non-standard port, e.g. https://myservice.com:445
I'm using the System.Net.Http.HttpClient to make a POST request, but consistently get a SocketException:
An error occurred while sending the request. Unable to connect to the remote server An attempt was made to access a socket in a way forbidden by its access permissions 1.2.3.4:445
The code works on my local environment (Functions emulator or Kestrel), but fails on Azure. I tried using a service hosted on a regular https endpoint, e.g. https://myotherservice.com, and the call goes through normally.
I'm assuming there is some sort of outbound firewall rule that's preventing the fist call, but I haven't found any configuration option to disable this. Is it possible? I unfortunately cannot change the endpoint of the service I need to call.
After checking your application, I did indeed find that those outgoing requests were being blocked by the infrastructure.
I was also able to find public documentation covering those ports here:
https://github.com/projectkudu/kudu/wiki/Azure-Web-App-sandbox#restricted-outgoing-ports
I want to connect docusign locally to my application. How it can be done? How can I setup the DocuSign Connect feature while I am developing locally on my laptop? Please guide me with detailed steps.
You're going to have to have your network forward an externally accessible url to your localbox.
Since Connect is a service hosted at DocuSign and requires a valid endpoint to send data to, and if RequireAcknowledgement is enabled, you'll have to send data back to the service as well.
I'm new to Azure and have set up an Asure web site which will connect to a SOLR instance on an Azure VM. The web site cannot communicate with SOLR (port 8080) unless I create an endpoint. In order to create an endpoint I need to provide an internal and external port, however I do not want to allow external/remote access to SOLR, other than from the web site itself. Can anyone tell me how I should allow the web site to communicate with my VM, without making the VM publicly accessible?
Thank you,
JP
As #hhaggan stated, you cannot create a virtual network connection, or secure an endpoint, from Web Sites to a Virtual Machine. One option to consider is the use of SSL+certificate to secure the endpoint.
If you instead deploy your web application to a web role (in a cloud service) or a virtual machine, you can then take advantage of a brand new feature called Endpoint ACL. In essence, you can whitelist / blacklist a set of IP address ranges that may access your SOLR external endpoint. You can read about ACL'd endpoints, and how to configure them, here.
Now: You might be asking yourself why this doesn't work with Web Sites. That's because Web Sites runs on a server farm, and sites don't get unique IP addresses (unlike Cloud Services).
if you are talking about Windows Azure Websites, I am not sure if this can be done but if you are talking about Web roles in Windows Azure Cloud service, here is something that I hope it can be beneficial.
Connect ASP.NET application to SQL Server in Windows Azure via Virtual Network http://msdn.microsoft.com/en-us/library/windowsazure/jj823135.aspx
you might also would like to have a look on this http://www.windowsazure.com/en-us/services/virtual-network/ I don't think you will need it but I am just sharing it with you, it is for WIndows Azure Virtual Network.
let me know if this solved your problems or if you need anything else.