Skip to main content
Community site session details

Community site session details

Session Id : K4y9yr/j5mcI/3B2PJjun8
Copilot Studio - Publish & Channel Management
Answered

Configuring authentication with Dynamics 365/PowerApps Portals

Like (0) ShareShare
ReportReport
Posted on 15 Nov 2019 18:19:10 by 31

I noticed that the Authentication capability is now enabled for Power Virtual Agent, so tried to play with it to see how it works in the context of Dynamics 365 Portals/PowerApps Portals. I am able to successfully configure the Authentication parameters and was able to update my topic to enable the authentication actions.

 

The problem point is that the PVA wants to use the redirect_uri = https://token.botframework.com/.auth/web/redirect and it constucts the authorize request as "https:/myportals.microsoftcrmportals.com/_services/auth/authorize?client_id=04467598ef817506&response_type=token&redirect_uri= https://token.botframework.com/.auth/web/redirect.

 

This fails on the portal as the portal expects a valid portal url as the redirect_uri.

 

For my troubleshooting purposes, I modified the "Authorization URL Query String Template" to hardcode the portal's home page url and this time, the portal authorizes the request and gets the token as expected. But the entire Portal page where the bot is embedded gets refreshed when I click on the "Authenticate" button, hence I lost the context of the bot's authentication.

 

Can the PVA be configured to be authenticated with Dynamics 365 Portals? Am I missing something here? 

 

Best,

Dhina

  • Community Power Platform Member Profile Picture
    on 09 Apr 2020 at 18:08:39
    Re: Configuring authentication with Dynamics 365/PowerApps Portals

    I feel like this thread has answered a different question from the one originally asked. My interpretation of the original question is: How do I pass a users's sign in token already established via the Portal to the bot we have exposed on that portal via Dynamics Omnichannel so that the user can interact with the bot under the security and context of that user. The solution suggested assumes the user has not already authenticated via the web site (portal) and outlines a process where the user will need to sign in again. 

    Technologies:

    Dynamics Portal > Dynamics Omnichannel > Power VA

     

    Dynamics Omnichannel appears to support passing of authentication from the portal but it is not clear if Omnichannel can then pass an authentication context on to Power VA.

     

  • JoeGill Profile Picture
    175 on 27 Nov 2019 at 04:46:34
    Re: Configuring authentication with Dynamics 365/PowerApps Portals

    Thanks I was in touch with Natraj already who helped me

    Joe

  • Verified answer
    pawan-msft Profile Picture
    on 27 Nov 2019 at 02:00:25
    Re: Configuring authentication with Dynamics 365/PowerApps Portals

    There's also a post from Natraj Yegnaraman on authenticating against CDS.

     

    >> https://www.youtube.com/watch?v=25tncJEBb7M

     

    -Pawan

  • Dhinakaran Profile Picture
    31 on 20 Nov 2019 at 18:01:27
    Re: Configuring authentication with Dynamics 365/PowerApps Portals

    Thanks for sharing, Joe. That's great news.

    To confirm - you tested with the PowerApps Portals. Right?

  • Verified answer
    JoeGill Profile Picture
    175 on 20 Nov 2019 at 17:34:15
    Re: Configuring authentication with Dynamics 365/PowerApps Portals

    Tomasz has written a post and once I followed that it worked for me

    https://poszytek.eu/en/microsoft-en/office-365-en/pva-en/pva-series-authentication-in-power-virtual-agent/

     

    hth

    Joe

  • 186alx Profile Picture
    11 on 20 Nov 2019 at 08:11:10
    Re: Configuring authentication with Dynamics 365/PowerApps Portals

    I get the same 400 Bad Request, no details.

    Have you figured out the problem?

  • Dhinakaran Profile Picture
    31 on 19 Nov 2019 at 15:20:59
    Re: Configuring authentication with Dynamics 365/PowerApps Portals

    You are right. D365 Portal only supports Implicit Grant Type and I modified the template to make it work with Implicit Grant Type.

    hmm.. Guess I got too excited and took the word "template" a little too far.

     

    Then it comes down to portals not working with the PVA as far as the authentication goes. It is a little weird though as I would have expected this feature to work on the Portals as both are at the same level and typical demo scenario of these PVAs would be D365 Portals.

     

    Best,
    Dhina

  • HimanathD Profile Picture
    on 18 Nov 2019 at 23:51:08
    Re: Configuring authentication with Dynamics 365/PowerApps Portals

    @Dhina 

    I am not much familiar with authentication flows supported by Dynamics 365,but when I looked in to documentation @ https://docs.microsoft.com/en-us/powerapps/maker/portals/oauth-implicit-grant-flow, I think Dynamics 365 only supports implicit auth flow.

    Whereas the user authentication through PVA expects to use Authorization Grant flow. After looking in to "response_type" param in below URL, it looks like you were also trying to make implicit flow work through PVA which is not possible or supported.

    "https:/myportals.microsoftcrmportals.com/_services/auth/authorize?client_id=04467598ef817506&response_type=token&redirect_uri= https://token.botframework.com/.auth/web/redirect"

    To make user authentication work through PVA, authorization code needs to send by IDP to https://token.botframework.com/.auth/web/redirect which will eventually fetch access token using authorization code and client credentials.

    Thanks

    Himanath

  • JoeGill Profile Picture
    175 on 18 Nov 2019 at 07:08:21
    Re: Configuring authentication with Dynamics 365/PowerApps Portals

    Nothing obvious in my response

     

    Request URL: https://token.botframework.com/.auth/web/redirect?code=XAQABAAIAAACQN9QBRU3jT6bcBQLZNUj7TieMYSJWXPov_qHD5TX7HOgVlZrF1PF4WUvyhTo4a4HfM6kGzaRy7aN8ERNg3laxIBbLCBsBx5pulstr3XWz_2zN05UOHAheFQhurFevkTQ-xMEEM7YDCBZvZP09bnj_TVpiP-CEhnYqpYtkVtz8TjRh6H_IfFI0HD0zXjtGuPf0DqUAppjiLMYZS9wX1wbHjTu8XVEk2coH9i7OlkiTF1NqBXOgx1ECDRCNlauZUVixmlvVQnhTtnWPCML1wDBMeDDSGGdOX0iLxrVhmRrddKr7w82dBrlrWs-GWrqvWf49bIh3gowr9b-uJSMdFPXteW-T3AN0b_bM0iPm_Ed3jWvBkaZ_x4vjxR1Fw-wltGl8zWXDHO97fQngPg7ueDcGBdsx2w08K99C_vU8T4QjezJ9K42URZClNZG_MSffcQpS23mOLWoaN3_rSOVfspl7F5q7lhiRzjhIeu4IT2b1cSvCWZjyf3KvZiewXo6QY1vFaEYd_Y0e466V8pLnkgdeva5UBEG4tBZ86wzhVExkUDJIcdaeF_s4ReSsiELdnDQ6Qq-J8zATkEJryzAPBu043b5Gg9Ihf-bjkHJllUzYDBgTUlJ3uz6pTM7I8nfSa3AgAA&state=06fcb9b20ba343d497e020a8919b2290&session_state=d7cc9a60-59da-4edd-a700-c2bce4fcc9a6
    Request Method: GET
    Status Code: 400
    Remote Address: 52.164.250.133:443
    Referrer Policy: no-referrer-when-downgrade
    content-length: 11
    content-type: text/html
    date: Mon, 18 Nov 2019 07:03:57 GMT
    status: 400
    strict-transport-security: max-age=31536000
    x-content-type-options: nosniff
    :authority: token.botframework.com
    :method: GET
    :path: /.auth/web/redirect?code=XAQABAAIAAACQN9QBRU3jT6bcBQLZNUj7TieMYSJWXPov_qHD5TX7HOgVlZrF1PF4WUvyhTo4a4HfM6kGzaRy7aN8ERNg3laxIBbLCBsBx5pulstr3XWz_2zN05UOHAheFQhurFevkTQ-xMEEM7YDCBZvZP09bnj_TVpiP-CEhnYqpYtkVtz8TjRh6H_IfFI0HD0zXjtGuPf0DqUAppjiLMYZS9wX1wbHjTu8XVEk2coH9i7OlkiTF1NqBXOgx1ECDRCNlauZUVixmlvVQnhTtnWPCML1wDBMeDDSGGdOX0iLxrVhmRrddKr7w82dBrlrWs-GWrqvWf49bIh3gowr9b-uJSMdFPXteW-T3AN0b_bM0iPm_Ed3jWvBkaZ_x4vjxR1Fw-wltGl8zWXDHO97fQngPg7ueDcGBdsx2w08K99C_vU8T4QjezJ9K42URZClNZG_MSffcQpS23mOLWoaN3_rSOVfspl7F5q7lhiRzjhIeu4IT2b1cSvCWZjyf3KvZiewXo6QY1vFaEYd_Y0e466V8pLnkgdeva5UBEG4tBZ86wzhVExkUDJIcdaeF_s4ReSsiELdnDQ6Qq-J8zATkEJryzAPBu043b5Gg9Ihf-bjkHJllUzYDBgTUlJ3uz6pTM7I8nfSa3AgAA&state=06fcb9b20ba343d497e020a8919b2290&session_state=d7cc9a60-59da-4edd-a700-c2bce4fcc9a6
    :scheme: https
    accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
    accept-encoding: gzip, deflate, br
    accept-language: en,en-US;q=0.9
    cache-control: max-age=0
    cookie: _ga=GA1.2.1702478537.1570347507; consent06fcb9b20ba343d497e020a8919b2290=ew0KICAicG9zdExvZ2luUmVkaXJlY3RVcmwiOiAiaHR0cHM6Ly90b2tlbi5ib3RmcmFtZXdvcmsuY29tL2FwaS9vYXV0aC9Qb3N0U2lnbkluQ2FsbGJhY2s/c2lnbmluPTZmYjBiMDYxYTk0NTQ4N2RiZDg2MjZjNTAzZDQxNGZkJmNvZGVfY2hhbGxlbmdlPSIsDQogICJsb2dpblNldHRpbmdJZCI6ICIwNjA5MWQxZi1lZjM3LWE4YzktMjlkMC02MDMyMzU2MTAyOTBfZGY4NzRhOGQtZTA5NS03NzVhLTZhYjMiDQp9
    sec-fetch-mode: navigate
    sec-fetch-site: none
    sec-fetch-user: ?1
    upgrade-insecure-requests: 1
    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
    code: OAQABAAIAAACQN9QBRU3jT6bcBQLZNUj7TieMYSJWXPov_qHD5TX7HOgVlZrF1PF4WUvyhTo4a4HfM6kGzaRy7aN8ERNg3laxIBbLCBsBx5pulstr3XWz_2zN05UOHAheFQhurFevkTQ-xMEEM7YDCBZvZP09bnj_TVpiP-CEhnYqpYtkVtz8TjRh6H_IfFI0HD0zXjtGuPf0DqUAppjiLMYZS9wX1wbHjTu8XVEk2coH9i7OlkiTF1NqBXOgx1ECDRCNlauZUVixmlvVQnhTtnWPCML1wDBMeDDSGGdOX0iLxrVhmRrddKr7w82dBrlrWs-GWrqvWf49bIh3gowr9b-uJSMdFPXteW-T3AN0b_bM0iPm_Ed3jWvBkaZ_x4vjxR1Fw-wltGl8zWXDHO97fQngPg7ueDcGBdsx2w08K99C_vU8T4QjezJ9K42URZClNZG_MSffcQpS23mOLWoaN3_rSOVfspl7F5q7lhiRzjhIeu4IT2b1cSvCWZjyf3KvZiewXo6QY1vFaEYd_Y0e466V8pLnkgdeva5UBEG4tBZ86wzhVExkUDJIcdaeF_s4ReSsiELdnDQ6Qq-J8zATkEJryzAPBu043b5Gg9Ihf-bjkHJllUzYDBgTUlJ3uz6pTM7I8nfSa3AgAA
    state: 06fcb9b20ba343d497e020a8919b2290
    session_state: d7cc9a60-59da-4edd-a700-c2bce4fcc9a6

  • Community Power Platform Member Profile Picture
    on 18 Nov 2019 at 04:34:25
    Re: Configuring authentication with Dynamics 365/PowerApps Portals
    Still nothing, Pradesh. I’ll keep the thread posted if I find anything new.

    BTW, what is the detailed error that you get ?

    Best,
    Dhina

Under review

Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.

Helpful resources

Quick Links

Announcing our 2025 Season 2 Super Users!

A new season of Super Users has arrived, and we are so grateful for…

Paul Stork – Community Spotlight

We are honored to recognize Paul Stork as our July 2025 Community…

Congratulations to the June Top 10 Community Leaders!

These are the community rock stars!

Leaderboard > Copilot Studio

#1
Michael E. Gernaey Profile Picture

Michael E. Gernaey 468 Super User 2025 Season 2

#2
stampcoin Profile Picture

stampcoin 52 Super User 2025 Season 2

#3
trice602 Profile Picture

trice602 46 Super User 2025 Season 2

Featured topics

Loading complete