I'm attempting to get an accessToken to use inside of my own custom built bot. I've based the request I am trying to build on the following:
Specifically this request:
POST https://login.microsoftonline.com/botframework.com/oauth2/v2.0/token
Host: login.microsoftonline.com
Content-Type: application/x-www-form-urlencoded
grant_type=client_credentials&client_id=MICROSOFT-APP-ID&client_secret=MICROSOFT-APP-PASSWORD&scope=https%3A%2F%2Fapi.botframework.com%2F.default
I'm having issues figuring out what exactly my client_secret and client_id and where I should be pulling this from. I've attempted two different approaches but I'm just confusing my self more the deeper I go.
First I attempted to use the basic hello world bot created from the Visual Studio Teams toolkit, Pretty hacky approach but I just changed the botEndpoint defined in the localsetting file to just point to the service I have my custom bot listening on.
"bot": {
"skipNgrok": true,
"botDomain": "domain",
"botEndpoint": "bot endpoint",
"botId": "id",
"botPassword": "password",
"botAadObjectId": "AadId"
}
I then just published this bot and I can see each request coming in, but when I try to use the botPassword and botId generated here to try request the accessToken I just receive a 400 Bad request error in response.
From here I've tried swapping out the Client Id with the following ID's I can see on Azure App registration: Application (client) ID/Object ID/Directory (tenant) ID.
With each of these I've also tried adding a new secret key to the app registration and using this secret over the one generated by the toolkit, I only ever receive 400 or 404 errors with these with the 404's coming from the secret that I generated in the app registration (I'm assuming this has something to do with the special chars it uses)
From here I Tried to register a bot as a resource inside of azure and hopefully start from there instead of letting the toolkit generate it for me. I tried using the Microsoft App ID and App Tenant ID as the Client Id here while also generating new secret keys and using those but still I cannot get a response back.
Is there something obvious I am missing here?
The MicrosoftAppId is the clientId that corresponds to the Azure Bot resource. You can find that under the Configuration blade under Settings in the Azure Bot. The MicrosoftAppPassword is your secret key, and is typically stored in the key vault that was created in the same resource group when you created the Azure Bot resource. Depending on your account type and access permissions, you can attempt to retrieve the key from the key vault.
If you are unable to get the key that way, you can alternatively follow the instructions to deploy a new multi-tenant bot using the Azure CLI. While following these instructions, you will provide your own password, and Azure will give you the AppId in one of its responses. You can then use these values in your REST calls.