I use Teams toolkit to develop bot. How can I enable AAD SSO for bot so we can get user information like user token or email in our bot process.
I have tried the method described in this link, but I don't understand why it requires both AAD_APP_CLIENT_ID and BOT_ID simultaneously. Does this mean I need to register two sets of AAD applications? It seems to make management a bit complicated.
https://github.com/OfficeDev/TeamsFx/wiki/Develop-single-sign-on-experience-in-Teams
"webApplicationInfo": {
"id": "${{AAD_APP_CLIENT_ID}}",
"resource": "api://botid-${{BOT_ID}}"
}
Thanks.
Teams Toolkit uses two AAD applications for Bot SSO.
One AAD is created by "aadApp/create" action for authentication, which is the AAD application in the "Configure app with Microsoft Entra ID" step in this wiki.
The other is the AAD app used to create Azure Bot Service. You can check this guide for detail.