cancel
Showing results for 
Search instead for 
Did you mean: 
Reply
Highlighted
Impactful Individual
Impactful Individual

Adding a bot to teams

Hi All,

 

Just starting out with PVA and want to understand the best way to add a bot to Teams.

My main concern is access and authentication. I've read all the relevant articles but it is still not clear to me.

 

It seems that when we publish a bot, it is public to any MS tenant as long as they have the bot ID. The way I see around this is to set up SSO but that is a very bad user experience from inside teams. The user expects to be logged in already and shouldn't need to log in again. What is the correct way to add a bot to teams without requiring additional log in but limited to only users in our org?

 

Thanks

Sam

1 ACCEPTED SOLUTION

Accepted Solutions
Highlighted
Super User
Super User

Re: Adding a bot to teams

Hi @SamPo ,

 

 

You mentioned the SSO, but the SSO is not available yet inside the MS Teams. Today you can use only the Authentication.

 

Regarding your question, the idea of the Teams implementation and the Bot ID is to be secret/private, only users that you share the Bot ID and the ID generated to publish inside the Teams can connect with your chatbot.

We don't recommend you share these IDs with other people for this reason because when the user gets these credentials, he can implement it in another environment.


Did I answer your question? Mark my post as a solution!
Thanks!

Renato Romão,

Connect with me here 😉

Power Virtual Agents course (+1.000 students): https://www.udemy.com/pva-beginners

View solution in original post

4 REPLIES 4
Highlighted
Super User
Super User

Re: Adding a bot to teams

Hi @SamPo ,

 

 

You mentioned the SSO, but the SSO is not available yet inside the MS Teams. Today you can use only the Authentication.

 

Regarding your question, the idea of the Teams implementation and the Bot ID is to be secret/private, only users that you share the Bot ID and the ID generated to publish inside the Teams can connect with your chatbot.

We don't recommend you share these IDs with other people for this reason because when the user gets these credentials, he can implement it in another environment.


Did I answer your question? Mark my post as a solution!
Thanks!

Renato Romão,

Connect with me here 😉

Power Virtual Agents course (+1.000 students): https://www.udemy.com/pva-beginners

View solution in original post

Highlighted
Impactful Individual
Impactful Individual

Re: Adding a bot to teams

@renatoromao Sorry, when I said SSO, I meant authentication via Azure. We have set this app and it works fine but I'm trying to avoid the need completely.

 

As to your second point - this is exactly my issue. It seems that the bot can be added to any team (on any tenant) simply by pasting the app ID into a chat. There's no way I can consider this a secured channel if anyone can access the bot without logging in when all they need is the app ID.

 

Thanks

Sam

Highlighted
Administrator
Administrator

Re: Adding a bot to teams

As Renato indicates; the paradigm PVA uses is to have all Chatbots be publically visible (if you have their ID) then protect sensitive topics.   We are working on improved Team's integration have given this feedback to the Teams Feature owner PM. 

If you want to track the status you can add the ideas to https://ideas.powervirtualagents.com  

 

Highlighted
Dual Super User III
Dual Super User III

Re: Adding a bot to teams

Hi!

Did you consider as a potential workaround to implement a user's White List (either Sharepoint, or CDS) and once a user starts interacting with your bot, validate it inmediatelly against it by means of a Power Automate Flow?

In the example below, you will see a very simple "Authorize if not me" just for testing purposes

PVA_Authorization.png



Each time you click on any of our inspiring answers 'Thumb up' icon...
...an ewok scapes from the stormtroopers.

Be grateful, Thumbs up! Save the Galaxy for free!


Escribo sobre Power Automate en:
https://medium.com/anyone-can-automate/

Proud to be a Flownaut!



Helpful resources

Announcements
Community Conference

Power Platform Community Conference

Check out the on demand sessions that are available now!

Power Platform ISV Studio

Power Platform ISV Studio

ISV Studio is designed to become the go-to Power Platform destination for ISV’s to monitor & manage published applications.

Tech Marathon

Maratón de Soluciones de Negocio Microsoft

Una semana de contenido con +100 sesiones educativas, consultorios, +10 workshops Premium, Hackaton, EXPO, Networking Hall y mucho más!

Top Solution Authors
Users online (5,951)