Error when Cortana tries to authenticate my Bot
I am trying to connect Cortana to my QnA Bot using MS Bot Framework with Azure Bot Service.
While testing on Windows 10 Desktop when I speak the Invocation Phrase - Cortana tries to authenticate me but gives the below error. Please let me know what am I doing wrong?
I recently implemented a Cortana skill and had several challenges with making authentication work. However, I see a few issues with your configuration:
In addition, here are my best practices that should make your scenario work:
If you followed this guidance...
Hopefully you learned about scopes. If not, file a github comment to clarify.
User.Read is needed to access profile for AAD IAM. You don't need it unless you are making profile calls against MS graph.
If you are just logging in against AAD IAM, you need openid scope.
If you want the email address in the JWT token returned, you add email scope.
If you want user profile data (name) in the JWT token, you add profile scope.
If you want Cortana to handle refresh tokens for you (ie not re-log in every two hours) you add offline_access scope.
When you add your app registration, you need to grant all these scopes to the web app and add cortana's redirect URI. Like mentioned, some scopes need an admin to grant (if you are using AAD accounts).
Your cortana channel configuration must request these scopes (exactly).
Then you won't get permission errors.
You can see what scopes have been granted to a JWT token by decoding it.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.