search

microsoft / botbuilder-dotnet

Welcome to the Bot Framework SDK for .NET repository, which is the home for the libraries and packages that enable developers to build sophisticated bot applications using .NET.
https://github.com/Microsoft/botframework
MIT License
869 stars 478 forks source link

[On-Prem Deployment] How to host C# .NET Team Bot (provided in template) on Windows? #6598

Closed Aurimas-TheDev closed 1 year ago

Aurimas-TheDev commented 1 year ago

🚨 The issue tracker is not for questions 🚨

If you have a question, please ask it on https://stackoverflow.com/questions/tagged/botframework

Since my Stack Overflow question was cloed "because it is not code question, but how to" I am trying it here. Or please sort Stack Overflow questions properly, as it is not customer friendly, when you direct to Stack Overflow for questions "how to", but in Stack Overflow you close it because it is a question "how to".

Not able to find material/proper documenation/trainings on how to host Teams Bot on prem, so it would be isolated to company environment

My goal is to create a Teams bot, which would be available inside a company only, and it would interact with a database which is highly restricted.

What steps should I do? A material using default .NET templates would be great

anishprasad01 commented 1 year ago

Hi @Aurimas-TheDev,

Sorry to hear about your difficulties with StackOverflow, but we do not exercise any control over that platform.

As per your question, a Bot Framework bot is essentially just a web app. The bot code itself can be hosted anywhere you want, including in an on-prem server.

The only required piece that must live in Azure is the Azure Bot resource, which is essentially an App Registration along with facilities to connect the bot to other Azure resources (such as databases) or various communication channels (such as WebChat or Teams). This registration is required to communicate with a Bot Framework bot, and it can live within your Azure tenant. This means that your bot must have an accessible endpoint that the Azure Bot resource can connect to. This endpoint could be accessible through a secure tunnel to your on-prem data center or some other mechanism, but the Azure Bot resource must be able to reach it.

To limit access to internal users, you would need to implement user authentication prompts and/or SSO and require users to have valid authorization before they can access any of the bot's features. For example, if your employees are all part of an Azure Active Directory, you can design the bot to automatically verify their credentials upon connecting with the bot and reject commands from unauthorized users. You also control distribution of the Teams app required to communicate with your bot and can disable access on other channels.

If you encounter a bug or have a feature request when implementing your bot, feel free to open an issue here.