diff --git a/teams.md/docs/main/teams/app-authentication/README.md b/teams.md/docs/main/teams/app-authentication/README.md index 44aa2a2a2..eb76883ed 100644 --- a/teams.md/docs/main/teams/app-authentication/README.md +++ b/teams.md/docs/main/teams/app-authentication/README.md @@ -1,6 +1,6 @@ --- sidebar_position: 4 -summary: Set up authentication for your Teams bot using client secrets, user managed identities, or federated identity credentials +summary: Set up authentication for your Teams bot using client secrets, user assigned managed identities, or federated identity credentials --- # App Authentication Setup @@ -12,7 +12,7 @@ Your Teams bot needs to authenticate with Azure to send messages. This involves Choose one of the following authentication methods based on your security requirements: 1. **[Client Secret](client-secret)** - Simple password-based authentication using a client secret -2. **[User Managed Identity](user-managed-identity)** - Passwordless authentication using Azure managed identities +2. **[User Assigned Managed Identity](user-managed-identity)** - Passwordless authentication using Azure managed identities 3. **[Federated Identity Credentials](federated-identity-credentials)** - Advanced identity federation using managed identities assigned to App Registration Each method has different setup requirements in Azure Portal or Azure CLI. diff --git a/teams.md/docs/main/teams/app-authentication/federated-identity-credentials.md b/teams.md/docs/main/teams/app-authentication/federated-identity-credentials.md index d4d95116d..e9c1b146e 100644 --- a/teams.md/docs/main/teams/app-authentication/federated-identity-credentials.md +++ b/teams.md/docs/main/teams/app-authentication/federated-identity-credentials.md @@ -9,7 +9,7 @@ import TabItem from '@theme/TabItem'; # Federated Identity Credentials Setup -Federated Identity Credentials (FIC) allows you to assign managed identities directly to your App Registration instead of creating a separate User Managed Identity resource. +Federated Identity Credentials (FIC) allows you to assign managed identities directly to your App Registration instead of creating a separate User Assigned Managed Identity resource. ## Prerequisites @@ -17,7 +17,7 @@ Before you begin, ensure you have: - An Azure subscription - Permissions to create App Registrations, Azure Bot Services, and manage identities - A compute resource where your bot will be hosted (App Service, Container App, VM, etc.) -- Either a User Managed Identity or the ability to use System Assigned Identity +- Either a User Assigned Managed Identity or the ability to use System Assigned Identity ## Setup Steps @@ -39,7 +39,7 @@ Assign managed identities to your App Registration using Federated Credentials. 3. Select the **Federated Credentials** tab 4. Click **Add credential** 5. Select the federated credential scenario (e.g., "Customer managed keys") -6. Choose the User Managed Identity or configure for System Assigned Identity +6. Choose the User Assigned Managed Identity or configure for System Assigned Identity 7. Complete the required fields and click **Add** ![Federated Identity Creds](/screenshots/fic.png) @@ -50,7 +50,7 @@ The identity you select here must also be assigned to the compute resource where ```bash -# Add a federated credential for a user managed identity +# Add a federated credential for a user assigned managed identity az ad app federated-credential create \ --id $APP_ID \ --parameters '{ @@ -71,13 +71,13 @@ The managed identity configured in the federated credential must be assigned to -**For User Managed Identity:** +**For User Assigned Managed Identity:** 1. Navigate to your compute resource in the Azure Portal 2. Go to **Identity** section in the left menu 3. Select the **User assigned** tab 4. Click **Add** -5. Select the User Managed Identity you configured in the federated credential +5. Select the User Assigned Managed Identity you configured in the federated credential 6. Click **Add** to confirm **For System Assigned Identity:** @@ -92,7 +92,7 @@ The managed identity configured in the federated credential must be assigned to ```bash -# For user managed identity: +# For user assigned managed identity: az webapp identity assign \ --name $APP_NAME \ --resource-group $RESOURCE_GROUP \ diff --git a/teams.md/docs/main/teams/app-authentication/user-managed-identity.md b/teams.md/docs/main/teams/app-authentication/user-managed-identity.md index fffa4072d..0ce1252c9 100644 --- a/teams.md/docs/main/teams/app-authentication/user-managed-identity.md +++ b/teams.md/docs/main/teams/app-authentication/user-managed-identity.md @@ -1,15 +1,15 @@ --- sidebar_position: 2 -title: User Managed Identity Setup -summary: Set up User Managed Identity authentication for your Teams bot in Azure Portal or Azure CLI +title: User Assigned Managed Identity Setup +summary: Set up User Assigned Managed Identity authentication for your Teams bot in Azure Portal or Azure CLI --- import Tabs from '@theme/Tabs'; import TabItem from '@theme/TabItem'; -# User Managed Identity Authentication Setup +# User Assigned Managed Identity Authentication Setup -User Managed Identity authentication eliminates the need for secrets or passwords. A managed identity is created alongside your bot and assigned to your compute resource (App Service, Container App, VM, etc.). +User Assigned Managed Identity authentication eliminates the need for secrets or passwords. A managed identity is created alongside your bot and assigned to your compute resource (App Service, Container App, VM, etc.). ## Prerequisites @@ -20,17 +20,17 @@ Before you begin, ensure you have: ## Setup Steps -### Step 1: Create Azure Bot with User Managed Identity +### Step 1: Create Azure Bot with User Assigned Managed Identity -When creating your Azure Bot Service, select `User Managed Identity` for the `Type of App`. +When creating your Azure Bot Service, select `User Assigned Managed Identity` for the `Type of App`. -![User Managed Identity](/screenshots/umi-auth.png) +![User Assigned Managed Identity](/screenshots/umi-auth.png) -This will automatically create a User Managed Identity resource alongside your bot. +This will automatically create a User Assigned Managed Identity resource alongside your bot. ### Step 2: Assign the Managed Identity to Your Compute Resource -The User Managed Identity created with your bot must be assigned to the service running your application. +The User Assigned Managed Identity created with your bot must be assigned to the service running your application. @@ -39,7 +39,7 @@ The User Managed Identity created with your bot must be assigned to the service 2. Go to **Identity** section in the left menu 3. Select the **User assigned** tab 4. Click **Add** -5. Select the User Managed Identity that was created with your Azure Bot +5. Select the User Assigned Managed Identity that was created with your Azure Bot 6. Click **Add** to confirm diff --git a/teams.md/src/components/include/essentials/app-authentication/python.incl.md b/teams.md/src/components/include/essentials/app-authentication/python.incl.md index 93ec791ae..8abdbf081 100644 --- a/teams.md/src/components/include/essentials/app-authentication/python.incl.md +++ b/teams.md/src/components/include/essentials/app-authentication/python.incl.md @@ -1,6 +1,6 @@ -Your application should automatically use User Managed Identity authentication when you provide the `CLIENT_ID` environment variable without a `CLIENT_SECRET`. +Your application should automatically use User Assigned Managed Identity authentication when you provide the `CLIENT_ID` environment variable without a `CLIENT_SECRET`. ## Configuration diff --git a/teams.md/src/components/include/essentials/app-authentication/typescript.incl.md b/teams.md/src/components/include/essentials/app-authentication/typescript.incl.md index 93ec791ae..8abdbf081 100644 --- a/teams.md/src/components/include/essentials/app-authentication/typescript.incl.md +++ b/teams.md/src/components/include/essentials/app-authentication/typescript.incl.md @@ -1,6 +1,6 @@ -Your application should automatically use User Managed Identity authentication when you provide the `CLIENT_ID` environment variable without a `CLIENT_SECRET`. +Your application should automatically use User Assigned Managed Identity authentication when you provide the `CLIENT_ID` environment variable without a `CLIENT_SECRET`. ## Configuration diff --git a/teams.md/src/pages/templates/essentials/app-authentication.mdx b/teams.md/src/pages/templates/essentials/app-authentication.mdx index 26007379e..54a65ee03 100644 --- a/teams.md/src/pages/templates/essentials/app-authentication.mdx +++ b/teams.md/src/pages/templates/essentials/app-authentication.mdx @@ -1,7 +1,7 @@ --- sidebar_position: 5 title: App Authentication -summary: Configure app authentication in your Teams SDK application using client secrets, user managed identities, or federated identity credentials +summary: Configure app authentication in your Teams SDK application using client secrets, user assigned managed identities, or federated identity credentials languages: ['typescript','python'] --- @@ -18,7 +18,7 @@ Before configuring your application, you must first set up authentication in Azu There are 3 main ways of authenticating: 1. **Client Secret** - Simple password-based authentication using a client secret -2. **User Managed Identity** - Passwordless authentication using Azure managed identities +2. **User Assigned Managed Identity** - Passwordless authentication using Azure managed identities 3. **Federated Identity Credentials** - Advanced identity federation using managed identities ## Configuration Reference @@ -29,8 +29,8 @@ The Teams SDK automatically detects which authentication method to use based on |-|-|-|-| | not_set | | | No-Auth (local development only) | | set | set | | Client Secret | -| set | not_set | | User Managed Identity | -| set | not_set | set (same as CLIENT_ID) | User Managed Identity | +| set | not_set | | User Assigned Managed Identity | +| set | not_set | set (same as CLIENT_ID) | User Assigned Managed Identity | | set | not_set | set (different from CLIENT_ID) | Federated Identity Credentials (UMI) | | set | not_set | "system" | Federated Identity Credentials (System Identity) | @@ -58,13 +58,13 @@ TENANT_ID=your-tenant-id The SDK will automatically use Client Secret authentication when both `CLIENT_ID` and `CLIENT_SECRET` are provided. -## User Managed Identity +## User Assigned Managed Identity Passwordless authentication using Azure managed identities - no secrets to rotate or manage. ### Setup -First, complete the [User Managed Identity Setup](/teams/app-authentication/user-managed-identity) in Azure Portal or Azure CLI. +First, complete the [User Assigned Managed Identity Setup](/teams/app-authentication/user-managed-identity) in Azure Portal or Azure CLI. ### Configuration @@ -84,11 +84,11 @@ First, complete the [Federated Identity Credentials Setup](/teams/app-authentica Depending on the type of managed identity you select, set the environment variables accordingly. -**For User Managed Identity:** +**For User Assigned Managed Identity:** Set the following environment variables: - `CLIENT_ID`: Your Application (client) ID -- `MANAGED_IDENTITY_CLIENT_ID`: The Client ID for the User Managed Identity resource +- `MANAGED_IDENTITY_CLIENT_ID`: The Client ID for the User Assigned Managed Identity resource - **Do not set** `CLIENT_SECRET` - `TENANT_ID`: The tenant id where your bot is registered