User Managed Identity authentication eliminates the need for secrets or passwords. A managed identity is created alongside your bot and assigned to your compute resource (App Service, Container App, VM, etc.).
Prerequisites
Before you begin, ensure you have:
- An Azure subscription
- Permissions to create App Registrations and Azure Bot Services, and to manage identities
- A compute resource where your bot will be hosted (App Service, Container App, VM, etc.)
Setup Steps
Step 1: Create Azure Bot with User Managed Identity
When creating your Azure Bot Service, select User Managed Identity for the Type of App.
This will automatically create a User Managed Identity resource alongside your bot.
Step 2: Assign the Managed Identity to Your Compute Resource
The User Managed Identity created with your bot must be assigned to the service running your application.
- Navigate to your compute resource (App Service, Container App, VM, etc.) in the Azure Portal
- Go to the Identity section in the left menu
- Select the User assigned tab
- Click Add
- Select the User Managed Identity that was created with your Azure Bot
- Click Add to confirm
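A check you can run after Step 2, as an added example that is not part of the original guide: it reads the identity JSON of the compute resource (for App Service, the output of `az webapp identity show`) and confirms that the bot's User Managed Identity is attached, comparing resource IDs case-insensitively as Azure Resource Manager does. The function name, resource names and all IDs are constructed placeholders.

```python
import json

# Constructed sample: shape of the identity object Azure Resource Manager
# returns for a compute resource. All names and IDs are placeholders.
# Note the lowercase "resourcegroups" segment, which differs from BOT_IDENTITY_ID.
SAMPLE_IDENTITY_JSON = """
{
  "type": "SystemAssigned, UserAssigned",
  "principalId": "00000000-0000-0000-0000-000000000001",
  "userAssignedIdentities": {
    "/subscriptions/00000000-0000-0000-0000-0000000000aa/resourcegroups/rg-bot/providers/Microsoft.ManagedIdentity/userAssignedIdentities/my-bot-identity": {
      "clientId": "00000000-0000-0000-0000-0000000000bb",
      "principalId": "00000000-0000-0000-0000-0000000000cc"
    }
  }
}
"""

BOT_IDENTITY_ID = ("/subscriptions/00000000-0000-0000-0000-0000000000aa/resourceGroups/rg-bot"
                   "/providers/Microsoft.ManagedIdentity/userAssignedIdentities/my-bot-identity")


def check_assignment(identity_json, expected_resource_id):
    """Return (assigned, client_id, warnings) for the expected identity."""
    identity = json.loads(identity_json) if identity_json.strip() else None
    if not identity:
        return False, None, ["no identity is configured on the resource"]
    warnings = []
    types = {t.strip().lower() for t in identity.get("type", "").split(",")}
    if "systemassigned" in types:
        warnings.append("system-assigned identity is also enabled")
    assigned = identity.get("userAssignedIdentities") or {}
    # ARM resource IDs are case-insensitive, so compare case-folded strings.
    wanted = expected_resource_id.rstrip("/").casefold()
    for rid, props in assigned.items():
        if rid.rstrip("/").casefold() == wanted:
            extra = len(assigned) - 1
            if extra:
                warnings.append(f"{extra} other user-assigned identities attached")
            return True, props.get("clientId"), warnings
    warnings.append("expected identity is not in userAssignedIdentities")
    return False, None, warnings
```

The returned `clientId` identifies which user-assigned identity the application should request tokens for when more than one identity is attached to the resource.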
Next Steps
After completing the Azure setup, configure your application code with the appropriate environment variables. See the App Authentication Essentials Guide for details.