Create a custom endpoint for generate a Direct Line token #139

MrDave1999 · 2023-01-16T02:00:48Z

It is necessary to create an endpoint that is responsible for calling the DirectLine API to generate a token and this is because if it is done from the client, the secret key would be exposed, this brings as a consequence that any malicious user could access any conversation associated with the bot.

The solution is to create a service on the back-end side in which it is in charge of making a request to the next endpoint:

POST https://directline.botframework.com/v3/directline/tokens/generate
Authorization: Bearer SECRET_KEY

This can be done on the front-end side but it would be insecure.

MrDave1999 added security Issue or pull request related to application security feature New feature or request labels Jan 16, 2023

MrDave1999 added this to the v1.0.0 milestone Jan 16, 2023

MrDave1999 added this to DentallApp (first stage) Jan 16, 2023

MrDave1999 moved this to To Do in DentallApp (first stage) Jan 16, 2023

MrDave1999 mentioned this issue Jan 16, 2023

Use endpoint to generate DirectLine token DentallApp/front-end#61

Closed

MrDave1999 removed this from the v1.0.0 milestone Jan 21, 2023

MrDave1999 linked a pull request Jan 23, 2023 that will close this issue

Added a custom endpoint for generate a Direct Line token #142

Merged

MrDave1999 closed this as completed in #142 Jan 24, 2023

github-project-automation bot moved this from To Do to Done in DentallApp (first stage) Jan 24, 2023

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Create a custom endpoint for generate a Direct Line token #139

Create a custom endpoint for generate a Direct Line token #139

MrDave1999 commented Jan 16, 2023

Create a custom endpoint for generate a Direct Line token #139

Create a custom endpoint for generate a Direct Line token #139

Comments

MrDave1999 commented Jan 16, 2023