Announcements
I am currently working on a solution to thwart bots from unnecessarily utilizing the chatbot and, subsequently, consuming PVA sessions. Our approach involves the utilization of the live chat widget script, initially generated through the Customer Centre, which is routed first through Omnichannel and then to PVA. Based on my understanding, when a user engages with a system topic, it results in the consumption of a session. Is there a method to enforce some form of session restriction for the same IP address via PVA or Omnichannel?
hi @noelDanas, PVA has a internal rate limit of 800 RPM, so if the bot is experiencing a DDoS attack, we will throttle the requests and the bot will be unresponsive. One other option is to present the user with a captcha at the beginning of the conversation, to avoid automated bot attacks.
More info here: https://learn.microsoft.com/en-us/power-virtual-agents/requirements-quotas
Thank you for your reply, Yes i am aware that there is a limit of 800RPm but still sessions are consumed. Regarding the captcha, if the website is inspected and the JavaScript snippet is extracted, it can be embedded in an HTML file, effectively bypassing the captcha.
Under review
Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.
Congratulations to our 2026 Super Users!
Congratulations to our 2025 community superstars!
These are the community rock stars!
Stay up to date on forum activity by subscribing.
Valantis 612
chiaraalina 161 Super User 2026 Season 1
deepakmehta13a 116
