Search code examples
azurebotframeworkweb-chat

Send messages with https://webchat.botframework.com/

I'm trying to send messages following this guide, but i'm getting 403. The bot is deployed on Azure using Web App Bot template.

I got the bearer token

curl -X POST \
  https://login.microsoftonline.com/botframework.com/oauth2/v2.0/token \
  -H 'Content-Type: application/x-www-form-urlencoded' \
  -H 'Postman-Token: ea607e32-4939-4005-85f4-440bc71d6e12' \
  -H 'cache-control: no-cache' \
  -d 'grant_type=client_credentials&client_id=655fde6d-0086-4b7c-b82c-8033b05555e5&client_secret=C*bd%3B%7D%5Ed1%3F7_(D%5Dq%5E%2B%2Bm6c%5E%5BQ-%7D&scope=https%3A%2F%2Fapi.botframework.com%2F.default&undefined='

Send message with auth

curl -X POST \
  https://webchat.botframework.com/v3/conversations/26573ac9cd7c4242aaa3c9692248b11a/activities \
  -H 'Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsIng1dCI6Ii1zeE1KTUxDSURXTVRQdlp5SjZ0eC1DRHh3MCIsImtpZCI6Ii1zeE1KTUxDSURXTVRQdlp5SjZ0eC1DRHh3MCJ9.eyJhdWQiOiJodHRwczovL2FwaS5ib3RmcmFtZXdvcmsuY29tIiwiaXNzIjoiaHR0cHM6Ly9zdHMud2luZG93cy5uZXQvZDZkNDk0MjAtZjM5Yi00ZGY3LWExZGMtZDU5YTkzNTg3MWRiLyIsImlhdCI6MTU0OTIxNTIyOSwibmJmIjoxNTQ5MjE1MjI5LCJleHAiOjE1NDkyMTkxMjksImFpbyI6IjQySmdZSGo1NGU3TzZVOGI1Mlo2dk1yTUxWQXBBQUE9IiwiYXBwaWQiOiI2NTVmZGU2ZC0wMDg2LTRiN2MtYjgyYy04MDMzYjA1NTU1ZTUiLCJhcHBpZGFjciI6IjEiLCJpZHAiOiJodHRwczovL3N0cy53aW5kb3dzLm5ldC9kNmQ0OTQyMC1mMzliLTRkZjctYTFkYy1kNTlhOTM1ODcxZGIvIiwidGlkIjoiZDZkNDk0MjAtZjM5Yi00ZGY3LWExZGMtZDU5YTkzNTg3MWRiIiwidXRpIjoiSnRmU3dTMEt0VWUzTl8xTldfNWJBQSIsInZlciI6IjEuMCJ9.B4837ahaYuc00_dU8v-RyuC0CC0NXXKSGaNFyj5VcjkGsMUfKRBfXtDfebv0mMbDz7Vaw_VSmO4Y-WSn_LOrYv6qqB1-vGhD6zf3DkZ3SUnSUVkNmTS93Vc2N18C6pvAm129P2-YYlCJu-bQJtX-ZKXFjcJ2oQ70P-X3A-zFrVj1rSzd6pyRqRLJJw58ZnaAUosBs7KgEzDoRCRn61lcrDqIny-BoWrlGsTPMUWl2hAsZnj-0-QR0CE1oxTTfkRYElZua1zwsKf6-VaOxvQNhtkHemzqpo5ctUyQMmlkHEVyUCXhUPzPNYdgPyF87pLJq7fhimgRAe5YAjJMlbRANA' \
  -H 'Content-Type: application/json' \
  -H 'Postman-Token: f19c7788-3933-4b4a-9ce6-ebfcc953903f' \
  -H 'cache-control: no-cache' \
  -d '{
    "type": "message",
    "from": {
        "id": "NotificationApi",
        "name": "Notification"
    },
    "text": "Haircut on Saturday"
}'

The serviceUrl and conversation I got from session.message.address

Then, the response code is 403- Forbiden.

Can someone help me ?

Solution

  • I think the mistake here is that you're attempting to authenticate the WebChat channel with an OAuth based bearer token rather than using token based authentication. OAuth token acquisition happens over the channel once it's connection is established.

    This blog post does a pretty good job explaining the difference between the two and walking through the various steps of configuring an DirectLine channel (which supports more advanced scenario for acquiring tokens), fetching a token from it for the WebChat to use and then, later, performing the OAuth token exchange via the Bot Framework Service.