
How to use a custom authentication server with Bot Framework?


I'm creating a bot that runs on a Telegram channel. When a user chats with the bot, it needs to know who is chatting, so they must authenticate on my server.

I imagine that the bot will send a button with a link to my authentication endpoint (e.g. https://localhost:8080/auth?code=abcd123a). The user clicks the button, which opens the link in a browser where the user is logged in. The bot will know the user's identity because the bot and the server use the same database. But how does the bot know when the user has clicked the link and been authenticated?

And is this pattern effective (regarding the delay or UI)?


Solution

  • You could add authentication to your bot via Azure Bot Service via OAuth identity providers. Does your authenticate endpoint support OAuth? In that case, your flow will be:

    1. Bot sends OAuth card, redirecting to your authenticate endpoint.
    2. User logs in, OAuth server redirects to Bot Service token endpoint.
    3. Bot Service retrieves token and handles token life-cycle.
    4. Bot retrieves the activity with the token and can use it for authentication.

    Read more about the Bot Framework Token Service.

    The Azure Bot Service takes care of the OAuth controllers and login links, stores the target client IDs and secrets, and performs user token management. Otherwise, you would need to do all this overhead yourself in your own hosted OAuth controllers + manage the token life-cycle.
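
If you do host the link flow from the question yourself, the `code` in the URL is what ties the browser login to the chat user, so it should be unguessable, short-lived and single-use. The sketch below is an added example, not code from the question, the answer or Bot Framework. `PendingLogins`, the 5-minute lifetime and the in-memory dict standing in for the shared database are all assumptions.

```python
import hashlib
import secrets
import time

CODE_TTL_SECONDS = 300  # assumed lifetime of a login link


class PendingLogins:
    """In-memory stand-in for the database shared by the bot and the auth server."""

    def __init__(self, clock=time.time):
        self._rows = {}  # sha256(code) -> row; the raw code is never stored
        self._clock = clock

    def issue(self, chat_user_id):
        """Bot side: create the code that goes into the /auth?code=... link."""
        code = secrets.token_urlsafe(32)  # 256 bits from the OS CSPRNG
        self._rows[self._digest(code)] = {
            "chat_user_id": chat_user_id,
            "expires_at": self._clock() + CODE_TTL_SECONDS,
            "account_id": None,
        }
        return code

    def redeem(self, code, account_id):
        """Server side: called by /auth once the browser session is logged in."""
        key = self._digest(code)
        row = self._rows.get(key)
        if row is None or row["account_id"] is not None:
            return False  # unknown code, or code already used
        if self._clock() > row["expires_at"]:
            del self._rows[key]  # expired links are dropped, not linked
            return False
        row["account_id"] = account_id
        return True

    def account_for(self, chat_user_id):
        """Bot side: look up the linked account when the next message arrives."""
        for row in self._rows.values():
            if row["chat_user_id"] == chat_user_id and row["account_id"]:
                return row["account_id"]
        return None

    @staticmethod
    def _digest(code):
        return hashlib.sha256(code.encode()).hexdigest()
```

The bot learns about the login by calling `account_for` on the user's next message. The server can also send the bot a notification after `redeem` succeeds if the bot should reply immediately.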