
Are the security measures listed on the Settings | Security blade (i.e., Sharing, Authentication, We channel security, Allowlist) mutually exclusive or can they be mixed and matched such that I could use Sharing to share the bot a specific users in my organization AND ALSO "require secured access" in the Settings | Web Channel Security section? I am also wondering if I used one form of securing the bot, if it would affect the others. For example, let's say I use the Settings | Sharing blade to only share the bot with users in a specific user group and I don't do any other type of securing of the bot, would that bot still be accessed from the demo website if I knew the bot ID or access it with Direct Line if I had the bot secret?
-Russ Williams
Each bot has its own security settings. You must contact the 365 admin to configure the permissions for specific users.
You can learn more how the web channel security works by visiting this link - Configure web channel security - Power Virtual Agents | Microsoft Learn