Client Secret Authentication Setup

Client Secret authentication is the simplest method, using a password-like secret to authenticate your bot. While easy to set up, secrets need to be rotated periodically and kept secure.

Prerequisites

Before you begin, ensure you have:

An Azure subscription
Permissions to create App Registrations and Azure Bot Services

Setup Steps

Step 1: Create Azure Bot with Single Tenant

When creating your Azure Bot Service, you must select Single Tenant for the Type of App.

Navigate to your App Registration in the Azure Portal
Go to Certificates and Secrets
Click New client secret
Add a description and select an expiration period
Click Add
Important: Copy the secret value immediately - it won't be shown again

# Create a new client secret
az ad app credential reset --id $APP_ID --append

The command will output the secret value. Save it securely.

Next Steps

After completing the Azure setup, configure your application code with the appropriate environment variables. See the App Authentication Essentials Guide for details.

Feedback

Was this page helpful?

Last updated on 2026-02-25