Chinese, Simplified
category
- In order to access a protected resource, the bot must send the user to the authorization server or identity provider (in our samples we use AAD)
- Once user is at AAD, the user must:
- Authenticate their identity (they are who they say they are)
- Authorize the bot to access the protected resource on the user's behalf (delegating limited power, not the user's entire power, in the form of approving certain scopes)
- In the process of designing the bot, you already specified what scopes (permissions) the bot would need to perform whatever function that bot was built to do, which are the scopes that the user is prompted to authorize
- See Add authentication to your bot via Azure Bot Service for more detail on scopes
- Once authenticated and authorized, AAD sends the bot the token needed to access the protected resource
Bot Framework's OAuthPrompt provides a way to send the User to AAD in order to obtain a token. Bot developers do not have to manage token lifecycles, storage, nor proper redirects in the OAuth flow.
Higher Level
Detailed View
- 登录 发表评论
- 2 次浏览
发布日期
星期一, 九月 2, 2024 - 11:29
最后修改
星期一, 九月 2, 2024 - 11:29
Article
最新内容
- 2 days 12 hours ago
- 2 days 12 hours ago
- 2 days 13 hours ago
- 2 days 13 hours ago
- 2 days 13 hours ago
- 2 days 13 hours ago
- 2 days 14 hours ago
- 2 days 14 hours ago
- 4 days 2 hours ago
- 4 days 2 hours ago