cancel
Showing results for 
Search instead for 
Did you mean: 
Reply
sarathutla
Frequent Visitor

Access to External Users for PVA BOT

Hi, I've made Authentication to Manual (AAD v2) and checked the Require users to sign in checkbox under Access. Is there any way I can provide access to external users without changing Access and Authentication Settings of my PVA Bot. I'm hoping there might be someway to configure external users in AD to have access to my Bot. I can't find any solid documentation from Microsoft regarding this. Can anyone help me to find a way if there is one.

1 ACCEPTED SOLUTION

Accepted Solutions
sarathutla
Frequent Visitor

Hey @Jcook , this is just to let you know that I got an update from support team. Unfortunately, whatever I'm trying to do is not possible as per design.

View solution in original post

15 REPLIES 15
Jcook
Super User
Super User

Hello @sarathutla 

 

Where is the bot published?

 

Is this bot using the full PVA license or inside Microsoft Teams?


From what I remember guest access when built inside teams is not supported.

If this bot is published outside of teams, you can try having the external user setup with a guest account, I have not tried this though.

 

**Edit - Adding docs for adding guest users to AD **

https://docs.microsoft.com/en-us/azure/active-directory/external-identities/b2b-quickstart-add-guest...


Did I answer your question? Mark my post as a solution!

If you like my post please hit the Thumbs Up


Proud to be a Flownaut!


Check out my blog for Power Automate tips,
tricks, and guides
FlowAltDelete





Hi @sarathutla 

 

Thanks for reaching out!

Your requirement look very similar to this thread here https://powerusers.microsoft.com/t5/General/How-to-get-PVA-to-authenticate-user-in-portal/m-p/420988...

Only difference might be that you're not using dataverse which wouldn't impact the guest user concept.

Give it a try and let us know.

Thanks!

sarathutla
Frequent Visitor

I've published the Bot to Demo Website and I'm using full PVA license.

I've added a guest user in AAD and tried accessing the bot with that user account. But it's not working and saying "Sorry, you don't have access to talk to the bot."

 

Below is my Access and Authentication configuration in PVA

 

Access.PNG

Authentication.PNG

Guest.PNG

Hi @sarathutla 

 

So I did find this doc, that does state that Guest access to a bot on an external site is possible:

https://docs.microsoft.com/en-us/power-virtual-agents/configuration-security#guest-and-external-acce...

 

Could you try to change the user from Guest to Member in Azure AD:

Jcook_0-1614670942338.png

 


Did I answer your question? Mark my post as a solution!

If you like my post please hit the Thumbs Up


Proud to be a Flownaut!


Check out my blog for Power Automate tips,
tricks, and guides
FlowAltDelete





Thank You for your response!

My requirement is - How Guest Users can access my PVA Bot if below are my Access and Authentication settings. 

 

 

Access.PNGAuthentication.PNG

 

I've tried adding guest user to AAD but no luck. Is it possible to configure guest users so that they can access my bot.

sarathutla
Frequent Visitor

I've tried changing the user type to Member. Still no luck😥.

And the documentation is not detailed as well.

Hi @sarathutla 

 

So since you're using the AAD V2 Auth.

 

Have you set up an Azure App Registration?

Can you confirm that your settings are following the docs:

Configure single sign-on - Power Virtual Agents | Microsoft Docs


Did I answer your question? Mark my post as a solution!

If you like my post please hit the Thumbs Up


Proud to be a Flownaut!


Check out my blog for Power Automate tips,
tricks, and guides
FlowAltDelete





sarathutla
Frequent Visitor

Yes @Jcook , I did register my app in AAD by following https://docs.microsoft.com/en-us/power-virtual-agents/configuration-end-user-authentication#configur...

 

I've no issues with the user accounts in my organization (member accounts). The problem is only for the guest users in my organization.

Hey @sarathutla 

 

Can you confirm in the App Registration the user access looks like from the docs I have sent:

https://docs.microsoft.com/en-us/power-virtual-agents/configure-sso#configure-single-sign-on

the docs you sent, don’t go in detail for the app registration. The one I have shared goes in depth on the settings. Please confirm your app registration settings are following that of the docs here:

https://docs.microsoft.com/en-us/power-virtual-agents/configure-sso#configure-single-sign-on


Did I answer your question? Mark my post as a solution!

If you like my post please hit the Thumbs Up


Proud to be a Flownaut!


Check out my blog for Power Automate tips,
tricks, and guides
FlowAltDelete





Helpful resources

Announcements
PVA_User Group Leader_768x460.jpg

Manage your user group events

Check out the News & Announcements to learn more.

Community Connections 768x460.jpg

Community & How To Videos

Check out the new Power Platform Community Connections gallery!

Carousel 2021 Release Wave 2 Plan 768x460.jpg

2021 Release Wave 2 Plan

Power Platform release plan for the 2021 release wave 2 describes all new features releasing from October 2021 through March 2022.

Welcome Super Users.jpg

Super User Season 2

Congratulations, the new Super User Season 2 for 2021 has started!

Center-of-Excellence-Starter-Kit-cropped 768x460.png

The Total Economic Impact™ of Power Virtual Agents

Read this 2021 commissioned study, conducted by Forrester Consulting.

Users online (1,601)