Authentication Providers
The Azure AI Health Bot service is a highly configurable and extensible bot building platform. One of the core capabilities is the ability to integrate authenticated third party services into your scenarios flows. To build such integrations, we provide an authentication layer on top of the regular data connection object which allows you to make HTTPS calls to third-party API providers or your own API endpoints.
Before an authenticated connection accesses personal resources, end users could be prompted to log in via an OAuth 2.0 flow in the chat thread. This ensures that personal resources are accessed only by authenticated users.
Navigate to Integration - Authentication Providers and select on + New to create a new authentication provider.
- Name: Add an internal name for the connection
- Description: Add an internal description for recognizing this connection
- Authentication Method: Server to Server Authentication for backend communication and End-user Authentication for end-user sign in flows.
- Client ID: Add the client ID issued by the OAuth provider when you registered your application.
- Client Secret: Add the client secret issued by the OAuth provider when you registered your application.
- Authorization URL: This is the URL the bot will redirect your end Users to for Authentication. Each OAuth provider has their own Authorization URL.
- Access Token URL: This URL is used to refresh the bots access to the end users account. Each OAuth provider has their own Access Token URL.
- Scope: The scope is used to restrict the level of access to the application.
- Reply Url:: Add this reply Uri to the allowed reply Uri list of your authentication provider
You can now use this authentication provider when creating or updating a new Data Connection in the Data Connections page
Every time you'll now use this data connection, the user will or be automatically logged in via Server to Server Authentication Or the user will be prompted to sign in when End-user Authentication is selected