An example for using Device Code Flow authentication with Azure Bot Service
Switch branches/tags
Nothing to show
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Type Name Latest commit message Commit time
Failed to load latest commit information.

OAuth 2.0 Device Code Flow Authentication with Azure Bot Framework - Example


This is a basic example of using Azure Active Directory (AAD) Authentication using OAuth 2.0 Device Code Flow with Azure Bot Service in Node.js. Full details can be found in this blog post.



First, create a new Storage Account in Azure, copy the connection string and also create an empty Table for persisting the bot's state. Then register your bot as an Native Application in the Application Registration Portal (make sure you're signed into the right AAD):

  1. Open Apps Dev Portal and click Add an app
  2. Give our app a name
  3. Click on the new app and note the Application Id (this will become your AZUREAD_APP_ID)
  4. Under Platforms, click Add Platform and choose Native Application

Then, in a terminal, execute:

$ git clone
$ cd bot-service-device-flow-authentication
$ npm install
$ cp .env.template .env
$ vi .env

Setup your .env file with

BOT_STATE_TABLE= # Name of the table you've created for persiting the bot's state
STORAGE_ACCOUNT_CONNECTION= # the associated storage connection
AZUREAD_ID= # the ID of your Azure Active Directory (see below)
AZUREAD_APP_ID= # The App ID of the app you've just created

You can find your AZUREAD_ID by going to the Azure Portal, switching to the correct Azure Active Directory and clicking Properties --> Directory ID. Lastly, start your bot:

$ node app.js

Then connect to http://localhost:3978/api/messages via the Bot Framework Emulator. No App Id or App Password needed.

Alternatively, you can directly run the example code from VS Code.

Suggestions & Questions

If you have any suggestions or questions, feel free to reach out to me via @clemenssiebler!


Licensed using the MIT License (MIT). For more information, please see LICENSE.