Link MS Teams Bot to Azure AD app when creating chatbot in app studio

Question

In the organization where I am trying to deploy a chatbot in MS Teams, because of security posture and separation of responsibilities, the MS Teams' admin team (different from bot developers), cannot create a new Azure AD app when creating a bot in App Studio. The authorization to create Azure AD app is only with AAD team.

To work with this process, we requested and got an application created in AAD via AAD Team. After creation of AAD app, the AAD team also gave us application name, application id and object id ; Now, the MS Teams' admin team is asking for process/documentation to link chatbot to be created in app studio to AAD app. Can someone share these instructions or point to any existing ones ? (I couldn't find any in my searches).

Answer 1

The short answer is that this needs to go into the "botId" section in the Teams app manifest (see here for refence: https://docs.microsoft.com/en-us/microsoftteams/platform/resources/schema/manifest-schema). Longer answers:

1. You might not be editing a manifest directly - you are doing it in App Studio, so just go to the Bot section and that's where you capture the Bot ID

2. It sounds like there is a missing piece in what you are trying to do. You need:

   a. an Azure Application (got)
   b. a Teams app where you can capture the Azure App ID as bot id (got)
   c. a 'Bot' registration in Azure (it's a kind of Azure resource) - have you got this already? If not, someone with Azure access will need to create it.

There is a section in the wizard to use an existing Azure Application - you'd need to select that and enter the Azure application id.

Here's more info on doing the bot registration: https://docs.microsoft.com/en-us/azure/bot-service/abs-quickstart?view=azure-bot-service-4.0&tabs=userassigned. For the screenshot in section 6, I recommend choosing "Multi-tenant" as the app type (then you can skip the 'Bot identity information' section later), and for 'Creation Type' is where you want to link to the already-created Azure Application.

Also note the "pricing tier" - by default it's on "standard", but you can change to the "free" tier to see if that's sufficient for you - your bot needs to be handling a lot of message to need to move up to the paid tier.

Answer 2

Your Dockerfile is "hardcoded" to use 3.8.3-management. You can either:

• Release and use a new version of your Dockerfile with an updated version

FROM alpine:3.11 as downloader

RUN /*/

FROM rabbitmq:3.9.11-management as runtime

• Always use the latest "management" version that gets retagged in the registry (although this is probably not ideal for production version control) - every time this is built it will use the latest version.

FROM alpine:3.11 as downloader

RUN /*/

FROM rabbitmq:management as runtime

Pulling the latest version won't make a difference since your Dockerfile is hardcoded and it's not rebuilt when the container runs anyway.

If you update the version tag in your Dockerfile, you can keep versioning inline with RabbitMQ, for example, with your current Dockerfile and then with your updated Dockerfile:

docker build . -t my-rabbit:v0.1-3.8.3
docker build . -t my-rabbit:v0.1-3.9.11