API Azure Security Center Functions JWT JWT Validation NodeJS Teams

Teams MessageCard authentication (Related to Azure Security Center integration)

This is a brain dump post. If you want some background check PoC part 0 – Integrating Azure Security Center Alerts with MS Teams!

Teams messagecards findings:

  • The outbound call is NOT client-side XHR/AJAX/Fetch style call from the Teams client, but call rather proxied through another MS service.
    • This means, that when you develop the solution, the endpoint that does the messageCard action handling needs to be visible to that Microsoft service (in another words, the service needs to be publicly accessible)
  • Your Bot/Web App/function can verify authenticity of MessageCards action by verifying the embedded JWT token
    • This feature is not directly documented on the docs, so I wanted to make sure that some trace of it is available in the web

Peeking under the hood

  • This is what my ExpressJS based NodeJS Azure Web App sees in the request when feature below is invoked (Sending reply to Azure Security Center Alert)
Another Middleware handles the JWT.Verify(), this is just an route handler, that dumps the token to my console for investigation

References

0 comments on “Teams MessageCard authentication (Related to Azure Security Center integration)

Vastaa

Täytä tietosi alle tai klikkaa kuvaketta kirjautuaksesi sisään:

WordPress.com-logo

Olet kommentoimassa WordPress.com -tilin nimissä. Log Out /  Muuta )

Google photo

Olet kommentoimassa Google -tilin nimissä. Log Out /  Muuta )

Twitter-kuva

Olet kommentoimassa Twitter -tilin nimissä. Log Out /  Muuta )

Facebook-kuva

Olet kommentoimassa Facebook -tilin nimissä. Log Out /  Muuta )

Muodostetaan yhteyttä palveluun %s

%d bloggaajaa tykkää tästä: