Notifications
Announcements
Hi All,
Just starting out with PVA and want to understand the best way to add a bot to Teams.
My main concern is access and authentication. I've read all the relevant articles but it is still not clear to me.
It seems that when we publish a bot, it is public to any MS tenant as long as they have the bot ID. The way I see around this is to set up SSO but that is a very bad user experience from inside teams. The user expects to be logged in already and shouldn't need to log in again. What is the correct way to add a bot to teams without requiring additional log in but limited to only users in our org?
Thanks
Sam
Hi @Anonymous ,
You mentioned the SSO, but the SSO is not available yet inside the MS Teams. Today you can use only the Authentication.
Regarding your question, the idea of the Teams implementation and the Bot ID is to be secret/private, only users that you share the Bot ID and the ID generated to publish inside the Teams can connect with your chatbot.
We don't recommend you share these IDs with other people for this reason because when the user gets these credentials, he can implement it in another environment.
@renatoromao Sorry, when I said SSO, I meant authentication via Azure. We have set this app and it works fine but I'm trying to avoid the need completely.
As to your second point - this is exactly my issue. It seems that the bot can be added to any team (on any tenant) simply by pasting the app ID into a chat. There's no way I can consider this a secured channel if anyone can access the bot without logging in when all they need is the app ID.
As Renato indicates; the paradigm PVA uses is to have all Chatbots be publically visible (if you have their ID) then protect sensitive topics. We are working on improved Team's integration have given this feedback to the Teams Feature owner PM.
If you want to track the status you can add the ideas to https://ideas.powervirtualagents.com
Hi!
Did you consider as a potential workaround to implement a user's White List (either Sharepoint, or CDS) and once a user starts interacting with your bot, validate it inmediatelly against it by means of a Power Automate Flow?
In the example below, you will see a very simple "Authorize if not me" just for testing purposes
Now it's available to use SSO with Microsoft Teams in Public You can now configure your bots to automatically use Teams’ authentication, so their end users don’t have to sign-in when chatting with a PVA bot in the Teams channel, streamlining the user’s experience.
Power Virtual Agents support for Teams channel Single Sign-on is available in Public Preview | Microsoft Power Virtual Agents
Under review
Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.
In our never-ending quest to improve we are simplifying the forum hierarchy…
We are honored to recognize Ajay Kumar Gannamaneni as our Community Spotlight for December…
These are the community rock stars!
Stay up to date on forum activity by subscribing.
Michael E. Gernaey 273 Super User 2025 Season 2
Romain The Low-Code... 271 Super User 2025 Season 2
S-Venkadesh 101 Moderator
