Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Port [#4582] UserAssignedIdentity(WorkloadIdentity) auth fails with 'scope https://api.botframework.com is not valid' #6732

Closed
ceciliaavila opened this issue Jan 22, 2024 · 1 comment
Closed

Port [#4582] UserAssignedIdentity(WorkloadIdentity) auth fails with 'scope https://api.botframework.com is not valid' #6732

ceciliaavila opened this issue Jan 22, 2024 · 1 comment
Assignees
@ceciliaavila
Labels
parity The issue describes a gap in parity between two or more platforms.

Comments

@ceciliaavila
Copy link
Collaborator

The changes in microsoft/botbuilder-js#4607 may need to be ported to maintain parity with microsoft/botbuilder-js.

Fixes #4582

Description

This PR adds the /.default suffix to the scope for MSI authentication.

Specific Changes

  • Updated ManagedIdentityAuthenticator to add the suffix to the scope.

Testing

These images show the fix working with a bot deployed in AKS and another one deployed in an Azure App Service.
image
@ceciliaavila ceciliaavila added the parity The issue describes a gap in parity between two or more platforms. label Jan 22, 2024
@ceciliaavila ceciliaavila self-assigned this Jan 22, 2024
@ceciliaavila
Copy link
Collaborator Author

This port is not needed since we couldn't reproduce the issue in BotBuilder-DotNet. Even though the scope doesn't include the '/.default' suffix, the bot authenticates with no errors.
image

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@ceciliaavila ceciliaavila

Labels
parity The issue describes a gap in parity between two or more platforms.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@ceciliaavila