In Bot User Authentication

In Bot User Authentication 

Bots have become the center of integration of the whole teams, enabling tasks as varied as automating stand up meetings, managing your Kanban board, creating reminders, and that directly from your favorite Instant Messaging platform. In this post, we will explore integration of Office 365 services into a bot. 

Our first halt is Microsoft Graph, which enables accessing Office 365 services with a single access token and provides access to all resources through a single endpoint. The key concept that enables accessing Graph API is the access token. Let’s investigate what it is and how to get it. 

The Access Token 

The access token contains the permissions of your application and with those determines the resources that your application has access to. But what permissions does my application need?  

Microsoft Graph provides granular permissions, meaning every resource requires its own permission or set of permissions. Permissions required for a resource are shown in the Graph API reference. https://developer.microsoft.com/en-us/graph/docs/concepts/overview  

You can grant permissions to your application in Azure Portal > Azure Active Directory > (Select your application) > Settings > Required Permissions. 

Retrieval of the access token 

Access tokens can be obtained in different ways:  

• Manually via HTTP Requests.
• Programmatically using Microsoft Authentication Library (preview) and 
• In Bot authentication via AuthBot https://github.com/MicrosoftDX/AuthBot. 

In this article, we will demonstrate In Bot Authentication via AuthBot.  

The Planner Bot 

The Planner Bot has the sole purpose of displaying a user’s tasks. Using this sample project, we showcase In Bot Authentication. To follow along and more technical details check out the planner bot repository. 

According to the Planner API reference to retrieve tasks our app needs delegated work or school account permissions of Group.Read.All and Group.ReadWrite.All.  

Delegated permissions require User Authentication for which we use the .Net library AuthBot that integrates into Bots by providing a dialog that carries out the Authentication functionality. 

 

Upon Authentication, the user Access Token is retrieved, which in turn provides us with the authentication we need to access all Graph APIs, making it possible to retrieve our tasks. 

  

If you would like to dive deeper we recommend checking out:  

• Dialogs Overview– understanding Dialogs will clarify how AuthBot could integrate seamlessly with our project. 
• Concise video tutorial–  putting everything together step-by-step. 
• Basics of Azure AD Authentication