Copilot-skill sample: https://hostname/api/messages endpoint mechanism/protection? #359
Unanswered
tzuhsin0329
asked this question in
Q&A
Replies: 0 comments
For the Copilot-skill sample:
https://github.com/microsoft/Agents/tree/main/samples/python/copilotstudio-skill
It will start a chat agent server and expose a public endpoint to the network:
https://hostname/api/messages
After this, we will fill this endpoint into Azure Bot Service as a configuration.
I want to ask whether this endpoint has an authorization process to prevent others from chatting with my agent.
Because it's dangerous if we just deploy the service on a public network.
Below is what I guess about the architecture; I'm not 100% sure because I can't find any docs that explain this.
The /api/messages endpoint authorization is processed by the agent SDK, so developers don't need to do anything about that.
The actual endpoint used by Bot Service WebChat, Copilot Studio, and Teams is another endpoint, api://botid-{{appid}}, that wraps the /api/messages endpoint. And we can use the https://github.com/microsoft/Agents/tree/main/samples/python/obo-authorization method to control the authorization by the URL: api://botid-{{appid}}. Is this correct?
Can anyone help explain this architecture or provide some tech docs? Thanks a lot.