Description
Is your feature request related to a problem? Please describe.
I'm provisioning a Microsoft Teams app using teamsapp provision with the generateClientSecret: true option. The problem is that the generated client secret is in an encrypted format (crypto_xxxx), which cannot be used with the Bot Framework SDK (e.g., with CloudAdapter). This forces me to manually go into the Azure portal, find the corresponding AAD app registration, and create a new client secret just to make the bot work. This breaks the automation flow and is frustrating during both development and CI/CD setup.
Describe the solution you'd like
I’d like teamsapp provision to either:
- Output the actual client secret (
V~...) once at provisioning time so I can store it securely (e.g., in.env), or - Provide a CLI command (e.g.,
teamsapp env decrypt) to retrieve or decrypt the actual value from the generated secret for local development use.
Describe alternatives you've considered
I currently use the Azure portal to generate a new secret manually after provisioning, which is tedious and error-prone. I've also looked into using the Azure CLI (az ad app credential reset) as a workaround, but it adds complexity and deviates from the intended teamsapp workflow.
Additional context
This affects the ability to use teamsapp as a fully automated provisioning tool in real-world bot-enabled Teams apps. Having to manually override secrets reduces confidence in reproducibility and complicates CI/CD.