[英]security of app service for bot built for Teams
I am building a bot for Teams so that users can get information of my backend service.我正在为 Teams 构建一个机器人,以便用户可以获取我的后端服务的信息。 To achieve that, I need build an app service as a middle layer to connect teams and my backend service.为此,我需要构建一个应用服务作为中间层来连接团队和我的后端服务。 In such a case, I am wondering how to make my middle layer app service more secure such that nobody can call the app service except the messages from Teams.在这种情况下,我想知道如何让我的中间层应用服务更安全,这样除了来自 Teams 的消息之外,没有人可以调用应用服务。 Or is it not necessary to consider such protection?还是不需要考虑这种保护?
Teams ----> middle layer APP ---> backend service Teams ----> 中间层 APP ---> 后端服务
Posting the Answer for better knowledge发布答案以获得更好的知识
Copying from @RajeeshMenoth comments从@RajeeshMenoth 评论复制
You can allow only ms team users by AD privilege's through grahp api and middle layer is look like your bot app and their you need to write your logic.您可以通过 grahp api 仅允许 MS 团队用户通过 AD 权限,中间层看起来像您的机器人应用程序,您需要编写逻辑。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.