Using User Token obtained from Azure Bot to get an access token to act as an On-Behalf-Of token

0
votes

I have an Azure bot that prompts the user to login with their username and password. From this, I am able to obtain an authorization code. I would like to use this code to retrieve an on-behalf-of access token, which I'll use as a bearer token to authenticate my api calls to another web application.

The web application which I want to make api calls to also requires authentication to the Azure Active Directory. How would I go about exchanging the authorization code obtained from Azure Bot to an OBO access token?

1
azureazure-active-directoryaccess-tokenazure-bot-serviceazure-authentication
I see your previous posts. It's unnecessary to use OBO flow. Your bot application accesses Microsoft Graph API firstly. Then your bot application tries to access your another web api. It's not that Microsoft Graph API accesses your another web api. So using refresh_token to exchange the access_token is enough.Allen Wu

1 Answers

0
votes

There is no need to exchanging the token obtained from Azure Bot. If you want to access your another web application from Azure Bot, just set the resource as api://{api id}(V1.0) or set the scope as api://{api id}/.default(V2.0).