page_type | description | products | languages | extensions | urlFragment | ||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
sample |
This sample demonstrates how to implement authentication in a C# Messaging Extension for Microsoft Teams, enabling secure access and user-specific interactions. |
|
|
|
officedev-microsoft-teams-samples-msgext-search-auth-config-csharp |
Bot Framework v4 sample for Teams expands the msgext-search-auth-config sample to include a configuration page and Bot Service authentication. This comprehensive C# sample provides a step-by-step guide for building a search-based Messaging Extension in Microsoft Teams that integrates authentication through Azure Active Directory. By utilizing the Bot Framework and Microsoft Graph API, it showcases how to implement secure user sign-in, access user data, and leverage messaging extension capabilities, enhancing the overall user experience.
In this sample we are assuming the OAuth 2 provider is Azure Active Directory V2 (AADv2) and are utilizing the Microsoft Graph API to retrieve data about the user. Check here for information about getting an AADv2 application setup for use in Azure Bot Service. The scopes used in this sample are the following:
email
openid
profile
Mail.Read
User.Read
User.ReadBasic.All
Mail.Send.Shared
- Bots
- Message Extensions (with teams sso)
- Search Commands
Please find below demo manifest which is deployed on Microsoft Azure and you can try it yourself by uploading the app manifest (.zip file link below) to your teams and/or as a personal app. (Sideloading must be enabled for your tenant, see steps here).
Messaging Extension Auth: Manifest
- Microsoft Teams is installed and you have an account
- .NET SDK version 6.0
- dev tunnel or ngrok latest version or equivalent tunnelling solution
- Teams Toolkit for Visual Studio
- Teams Messaging Extension Auth Configuration [Microsoft Entra Authentication] for search, action and link unfurling combined in the sample.
- Add Authentication to your Bot
The simplest way to run this sample in Teams is to use Teams Toolkit for Visual Studio.
- Install Visual Studio 2022 Version 17.10 Preview 4 or higher Visual Studio
- Install Teams Toolkit for Visual Studio Teams Toolkit extension
- In the debug dropdown menu of Visual Studio, select Dev Tunnels > Create A Tunnel (set authentication type to Public) or select an existing public dev tunnel.
- In the debug dropdown menu of Visual Studio, select default startup project > Microsoft Teams (browser)
- In Visual Studio, right-click your TeamsApp project and Select Teams Toolkit > Prepare Teams App Dependencies
- Using the extension, sign in with your Microsoft 365 account where you have permissions to upload custom apps.
- Select Debug > Start Debugging or F5 to run the menu in Visual Studio.
- In the browser that launches, select the Add button to install the app to Teams.
If you do not have permission to upload custom apps (sideloading), Teams Toolkit will recommend creating and using a Microsoft 365 Developer Program account - a free program to get your own dev environment sandbox that includes Teams.
Note these instructions are for running the sample on your local machine, the tunnelling solution is required because the Teams service needs to call into the bot.
Refer to Bot SSO Setup document.
-
Clone the repository
git clone https://github.com/OfficeDev/Microsoft-Teams-Samples.git
-
If you are using Visual Studio
- Launch Visual Studio
- File -> Open -> Project/Solution
- Navigate to
samples/msgext-search-auth-config/csharp
folder - Select
TeamsMessagingExtensionsSearchAuthConfig.csproj
orTeamsMessagingExtensionsSearchAuthConfig.sln
file
-
Run ngrok - point to port 3978 (You can skip this step, if you have already run ngrok while doing SSO setup)
ngrok http 3978 --host-header="localhost:3978"
Alternatively, you can also use the
dev tunnels
. Please follow Create and host a dev tunnel and host the tunnel with anonymous user access command as shown below:devtunnel host -p 3978 --allow-anonymous
-
Update the
appsettings.json
configuration for the bot to use the MicrosoftAppId, MicrosoftAppPassword, MicrosoftAppTenantId generated in Step 1 (App Registration creation). (Note the App Password is referred to as the "client secret" in the azure portal and you can always create a new client secret anytime.)- Set "MicrosoftAppType" in the
appsettings.json
. (Allowed values are: MultiTenant(default), SingleTenant, UserAssignedMSI) - Set "ConnectionName" in the
appsettings.json
. The Microsoft Entra ID ConnectionName from the OAuth Connection Settings on Azure Bot registration - Set "SiteUrl" in the
appsettings.json
. The ngrok forwarding url (iehttps://xxxx.ngrok-free.app
) from starting ngrok and if you are using dev tunnels, your URL will be like: https://12345.devtunnels.ms.
- Set "MicrosoftAppType" in the
-
Run your bot, either from Visual Studio with
F5
or usingdotnet run
in the appropriate folder. -
This step is specific to Teams.
- Edit the
manifest.json
contained in theAppManifest
folder to replace your Microsoft App Id (that was created when you registered your bot earlier) everywhere you see the place holder string<<YOUR-MICROSOFT-APP-ID>>
(depending on the scenario the MicrosoftAppId may occur multiple times in themanifest.json
) - Edit the
manifest.json
forvalidDomains
with base Url domain. E.g. if you are using ngrok it would behttps://1234.ngrok-free.app
then your domain-name will be1234.ngrok-free.app
and if you are using dev tunnels then your domain will be like:12345.devtunnels.ms
. - Zip up the contents of the
AppManifest
folder to create amanifest.zip
(Make sure that zip file does not contains any subfolder otherwise you will get error while uploading your .zip package) - Upload the
manifest.zip
to Teams (In Teams Apps/Manage your apps click "Upload an app". Browse to and Open the .zip file. At the next dialog, click the Add button.)
- Edit the
Note: If you are facing any issue in your app, please uncomment this line and put your debugger for local debug.
Once the Messaging Extension is installed, click the icon for Config Auth Search in the Compose Box's Messaging Extension menu to display the search window. Left click to choose Settings and view the Sign-In page.
Adding bot UI:
Zero install link unfurling card
To learn more about deploying a bot to Azure, see Deploy your bot to Azure for a complete list of deployment instructions.