Reputation: 35
Link MS Teams Bot to Azure AD app when creating chatbot in app studio
In the organization where I am trying to deploy a chatbot in MS Teams, because of security posture and separation of responsibilities, the MS Teams' admin team (different from bot developers), cannot create a new Azure AD app when creating a bot in App Studio. The authorization to create Azure AD app is only with AAD team.
To work with this process, we requested and got an application created in AAD via AAD Team. After creation of AAD app, the AAD team also gave us application name, application id and object id ; Now, the MS Teams' admin team is asking for process/documentation to link chatbot to be created in app studio to AAD app. Can someone share these instructions or point to any existing ones ? (I couldn't find any in my searches).
Upvotes: 0
Views: 226
Answers (2)
Reputation: 35
What I did end up doing was:
- Create an app registration in azure with a secret. The secret becomes bot password in teams.
- Create a bot using https://dev.botframework.com/bots. Since my app/bot is single tenant, I needed to be able to create a bot without azure service which requires subscription. I enabled Teams for this bot, besides web chat which is enabled by default.
- Create an app using app studio, referencing the azure app and bot from botframework.
Upvotes: 1
Reputation: 10804
The short answer is that this needs to go into the "botId" section in the Teams app manifest (see here for refence: https://learn.microsoft.com/en-us/microsoftteams/platform/resources/schema/manifest-schema). Longer answers:
You might not be editing a manifest directly - you are doing it in App Studio, so just go to the Bot section and that's where you capture the Bot ID
It sounds like there is a missing piece in what you are trying to do. You need:
a. an Azure Application (got)
b. a Teams app where you can capture the Azure App ID as bot id (got)
c. a 'Bot' registration in Azure (it's a kind of Azure resource) - have you got this already? If not, someone with Azure access will need to create it.
There is a section in the wizard to use an existing Azure Application - you'd need to select that and enter the Azure application id.
Here's more info on doing the bot registration: https://learn.microsoft.com/en-us/azure/bot-service/abs-quickstart?view=azure-bot-service-4.0&tabs=userassigned. For the screenshot in section 6, I recommend choosing "Multi-tenant" as the app type (then you can skip the 'Bot identity information' section later), and for 'Creation Type' is where you want to link to the already-created Azure Application.
Also note the "pricing tier" - by default it's on "standard", but you can change to the "free" tier to see if that's sufficient for you - your bot needs to be handling a lot of message to need to move up to the paid tier.
Upvotes: 1
Related Questions
- Why does authentication not go through in MS Teams Bot app?
- Azure AD B2C and MS Teams app (bot + tab) auth
- Adding an Azure-hosted Bot to Microsoft Teams Dev Portal
- Upload custom app in teams registered in another azure tenant
- How to configure Azure Web App Bot as an App in Teams
- How to Connect MS Teams to Chat Bot Deployed in Azure Bot Service deployment "Development" Slot i.e. NOT the Production/Default Slot
- How to add authorization to Microsoft Teams Bot in Azure
- Sending messages in Teams with a bot on behalf of a user
- Azure chat bot in MS Teams