search

pnp / teams-dev-samples

Microsoft Teams sample applications and related content https://aka.ms/teams-samples
MIT License
286 stars 148 forks source link

feat: added msgext-api-tflstatus sample #1176

Closed anoopt closed 2 months ago

anoopt commented 3 months ago
Q A
Bug fix? no
New feature? no
New sample? yes
Related issues? NA

What's in this Pull Request?

I was reading about API based message extension and created this simple sample as a PoC to understand the different elements involved. It is a simple sample. I won't be disappointed if you reject this PR :)

A related question - this sample (optionally) needs an API key to passed in the query string. After packaging that API key becomes part of the OpenAPI spec file which gets uploaded to Teams. Is that ok?

The other option is to pass app_key in the header. The last part of the "secret service auth" in the Authentication section of this documentation mentions that "The API key is stored securely and added to the API call". It doesn't specify the name of the key that is added in the header to the request. So, if we use that approach, is there a way to specify our own key name (it is app_key for the TfL API used in this sample). I added an API key in the dev portal as per the instructions and supplied an invalid key on purpose so that request fails and unfortunately the request is not failing. If I do the same in postman (i.e. specify an invalid value for the app_key header, the request fails).

anoopt commented 2 months ago

Sorry @BobGerman , do you mind answering the question please I had as part of this PR related to the app key?