You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This repository contains code for the Bot Framework Web Chat component. The Bot Framework Web Chat component is a highly-customizable web-based client for the Bot Framework V4 SDK. The Bot Framework SDK v4 enable developers to model conversation and build sophisticated bot applications.
11
+
This repository contains code for the Bot Framework Web Chat component. The Bot Framework Web Chat component is a highly-customizable web-based client for the Bot Framework V4 SDK. The Bot Framework SDK v4 enables developers to model conversation and build sophisticated bot applications.
12
12
13
13
This repo is part of the [Microsoft Bot Framework](https://github.com/microsoft/botframework) - a comprehensive framework for building enterprise-grade conversational AI experiences.
14
14
@@ -220,7 +220,7 @@ There are several properties that you might pass into your Web Chat React Compon
220
220
|`cardActionMiddleware`| A chain of middleware that allows the developer to modify card actions, like Adaptive Cards or suggested actions. The middleware signature is the following: `cardActionMiddleware: () => next => ({ cardAction, getSignInUrl }) => next(cardAction)`|
221
221
|`createDirectLine`| A factory method for instantiating the Direct Line object. Azure Government users should use `createDirectLine({ domain: 'https://directline.botframework.azure.us/v3/directline', token });` to change the endpoint. The full list of parameters are: `conversationId`, `domain`, `fetch`, `pollingInterval`, `secret`, `streamUrl`, `token`, `watermark``webSocket`. |
222
222
|`createStore`| A chain of middleware that allows the developer to modify the store actions. The middleware signature is the following: `createStore: ({}, ({ dispatch }) => next => action => next(cardAction)`|
223
-
|`directLine`| Specify the DirectLine object with DirectLine token. |
223
+
|`directLine`| Specify the DirectLine object with DirectLine token. We strongly recommend using the token API for authentication instead of providing the app with your secret. To learn more about why, see the [authentication documentation](https://docs.microsoft.com/en-us/azure/bot-service/rest-api/bot-framework-rest-direct-line-3-0-authentication?view=azure-bot-service-4.0) or [connecting client app to bot](#how-to-connect-client-app-to-bot)|
224
224
|`disabled`| Disable the UI (i.e. for presentation mode) of Web Chat. |
225
225
|`grammars`| Specify a grammar list for Speech (Bing Speech or Cognitive Services Speech Services). |
226
226
|`groupTimeStamp`| Change default settings for timestamp groupings. |
@@ -246,6 +246,22 @@ Please note, however:
246
246
- Web Chat has no plan to support samples for IE11 (ES5).
247
247
- For customers who wish to manually rewrite our other samples to work in IE11, we recommend looking into converting code from ES6+ to ES5 using polyfills and transpilers like [`babel`](https://babeljs.io/docs/en/next/babel-standalone.html).
248
248
249
+
250
+
# How to connect client app to bot
251
+
252
+
Web Chat provides UI on top of the Direct Line Channel. There are two ways to connect to your bot through HTTP calls from the client: by sending the Bot secret or generating a token via the secret.
<!-- Update the following paragraph and the API table (`directline`) with new documentation when updated docs are published -->
256
+
257
+
We strongly recommend using the token API instead of providing the app with your secret. To learn more about why, see the [authentication documentation](https://docs.microsoft.com/en-us/azure/bot-service/rest-api/bot-framework-rest-direct-line-3-0-authentication?view=azure-bot-service-4.0) on the [token API](https://docs.microsoft.com/en-us/azure/bot-service/rest-api/bot-framework-rest-direct-line-3-0-api-reference?view=azure-bot-service-4.0) and client security.
258
+
259
+
For further reading, please see the following links:
260
+
261
+
-[Using Web Chat with Azure Bot Services authentication](https://blog.botframework.com/2018/09/01/using-webchat-with-azure-bot-services-authentication/)
262
+
263
+
-[Enhanced Direct Line authentication features](https://blog.botframework.com/2018/09/25/enhanced-direct-line-authentication-features/)
264
+
249
265
# How to test with Web Chat's latest bits
250
266
251
267
_Testing unreleased features is only available via MyGet packaging at this time._
// Your client code must provide either a secret or a token to talk to your bot.
27
+
// Tokens are more secure. To learn about the differences between secrets and tokens
28
+
// and to understand the risks associated with using secrets, visit https://docs.microsoft.com/en-us/azure/bot-service/rest-api/bot-framework-rest-direct-line-3-0-authentication?view=azure-bot-service-4.0
// Your client code must provide either a secret or a token to talk to your bot.
27
+
// Tokens are more secure. To learn about the differences between secrets and tokens
28
+
// and to understand the risks associated with using secrets, visit https://docs.microsoft.com/en-us/azure/bot-service/rest-api/bot-framework-rest-direct-line-3-0-authentication?view=azure-bot-service-4.0
// Your client code must provide either a secret or a token to talk to your bot.
37
+
// Tokens are more secure. To learn about the differences between secrets and tokens
38
+
// and to understand the risks associated with using secrets, visit https://docs.microsoft.com/en-us/azure/bot-service/rest-api/bot-framework-rest-direct-line-3-0-authentication?view=azure-bot-service-4.0
// Your client code must provide either a secret or a token to talk to your bot.
37
+
// Tokens are more secure. To learn about the differences between secrets and tokens
38
+
// and to understand the risks associated with using secrets, visit https://docs.microsoft.com/en-us/azure/bot-service/rest-api/bot-framework-rest-direct-line-3-0-authentication?view=azure-bot-service-4.0
// Your client code must provide either a secret or a token to talk to your bot.
33
+
// Tokens are more secure. To learn about the differences between secrets and tokens
34
+
// and to understand the risks associated with using secrets, visit https://docs.microsoft.com/en-us/azure/bot-service/rest-api/bot-framework-rest-direct-line-3-0-authentication?view=azure-bot-service-4.0
// Your client code must provide either a secret or a token to talk to your bot.
27
+
// Tokens are more secure. To learn about the differences between secrets and tokens
28
+
// and to understand the risks associated with using secrets, visit https://docs.microsoft.com/en-us/azure/bot-service/rest-api/bot-framework-rest-direct-line-3-0-authentication?view=azure-bot-service-4.0
// Your client code must provide either a secret or a token to talk to your bot.
27
+
// Tokens are more secure. To learn about the differences between secrets and tokens
28
+
// and to understand the risks associated with using secrets, visit https://docs.microsoft.com/en-us/azure/bot-service/rest-api/bot-framework-rest-direct-line-3-0-authentication?view=azure-bot-service-4.0
// Your client code must provide either a secret or a token to talk to your bot.
27
+
// Tokens are more secure. To learn about the differences between secrets and tokens
28
+
// and to understand the risks associated with using secrets, visit https://docs.microsoft.com/en-us/azure/bot-service/rest-api/bot-framework-rest-direct-line-3-0-authentication?view=azure-bot-service-4.0
// Your client code must provide either a secret or a token to talk to your bot.
27
+
// Tokens are more secure. To learn about the differences between secrets and tokens
28
+
// and to understand the risks associated with using secrets, visit https://docs.microsoft.com/en-us/azure/bot-service/rest-api/bot-framework-rest-direct-line-3-0-authentication?view=azure-bot-service-4.0
0 commit comments