Search code examples
typescriptazure-active-directorybotframeworksingle-sign-onaccess-token

Token not getting saved in adapter when using "SSO-for-enterprise-apps"

We are using Bot Framework V4 (Typescript), and we are referring "https://github.com/microsoft/BotFramework-WebChat/tree/master/samples/19.a.single-sign-on-for-enterprise-apps" for achieving SSO using AAD.

We have below questions:

  1. How does the bot adapter preserve the token from the channel data (token received from React App) so we do not have to store into state.
  2. How is it used to sign out the user from the bot? Currently, in the given example the bot gets the access token via the channel data and passed token is used to get the user information and it does not store this token into bot framework.

We wanted to know that how does the token gets set in the bot adapter currently, it would be great if we get the proper examples on setting the token to the bot adapter which will allow the user to sign out using the built in adapter.signOut function from the bot framework.

Thanks in advance Edward

Solution

  • You can see here that in that single sign-on scenario, the access token is sent to the bot in each activity's channel data:

    // Piggyback the access token on every outgoing activity.

    The bot just uses the token from each activity and therefore doesn't need to store it:

    const {
  activity: { channelData: { oauthAccessToken } = {}, text }
} = context;