2

With the following Url I found a way how to extract the secret keys of a webchat bot:

https://dev.botframework.com/api/bots/{bot_id}/channels/webchat"

It will return a JSON response like following: webchat secret keys

This works well when I call it in a browser and when I am logged in on https://dev.botframework.com/. Now I would like to script it with powershell. Before starting to script it, I tried to call it with Postman. My problem is that I need a token (access token?) to call it with Postman. If I grab the IntercomAuthCookie from my browser session into the headers in Postman, I get the expected result, like here.

Now my question is: with which API can I get the IntercomAuthCookie?

I tried to get a Bearer access token here with OAuth on https://login.microsoftonline.com/common/oauth2/v2.0/token, but when I use it on the other request I get a "login expired"

jyfa
  • 93
  • 7
  • I'm not able to get even the browser approach (after logging into dev.botframework.com) to work. (It doesn't even show me the "keys" key). Were there any further steps you did to get that part to work? – Dana V Dec 21 '18 at 22:56
  • There is a way to get the keys. But there is currently a bug that will remove the current webchatchannel configuration if you try to get the keys. I will update once the bug is fixed and confirm the approach. – Dana V Jan 03 '19 at 21:49

1 Answers1

2

After weeks and much search, I found three ways to get the secret keys of a WebChat channel.

Dev Botframework Browser approach

With the following URL you can get it in JSON format:

https://dev.botframework.com/identity/signin?requestUrl=/api/bots/{botId}/channels/webchat

It will ask you about your credentials and redirect you to https://dev.botframework.com/api/bots/{botId}/channels/webchat.

Azure Cli approach (not recommended)

With the help of this post How can I programmatically obtain the DirectLine secret of a Microsoft Bot Framework chatbot application?, I found the following command:

az bot webchat show -n "{botId}" -g "{resourceGroupName}" --with-secrets --subscription "{subscriptionId}"

Don't forget to login (with the "az login" command) before running the above command.

Why is this approach not recommended?
I realized that after running this command, it corrupted the WebChat channel in Azure, and I couldn't bring it back to work again. That's why I highly don't recommend to use it.

HTTP GET Request approach - No browser needed (most recommended for scripting)

After much research in the Python Azure Cli Bot Service and Azure Mgmt Bot Service source code, I found the following request:

https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.BotService/botServices/{botId}/channels/WebChatChannel/listChannelWithKeys?api-version=2018-07-12

Don't forget also to add an Access Bearer Token into the Authorization key header of the request.

I tested all the approaches. Everything worked as expected.

jyfa
  • 93
  • 7
  • Hi @jyfa. That's great. Yes, I had these approaches as well, and powershell also. But; please be aware of the bug that I mentioned earlier. If you retrieve the keys, it may cause them to be removed or break the webchat channel. Is your channel still working? Does it show 'Running' in the channels view in the bot azure blade? – Dana V Jan 07 '19 at 17:31
  • As I mentioned in my answer, the second approach is not recommended, due to the bug you mentioned. You are right, it will break the WebChat channel and there is no way to bring the channel back to the "Running" state. But the last approach (I use it with the powershell curl command) is working without breaking the channel. – jyfa Jan 09 '19 at 08:43