semantic-kernel icon indicating copy to clipboard operation
semantic-kernel copied to clipboard

Published 20 hours ago verified publisher icon microsoft

copilot-chat-app webapp documentation around AAD setup insufficient

Open IanNorris opened this issue 1 year ago • 4 comments

Describe the bug When setting up the app for the first time with AAD authentication, a new AAD application is required. Please document the required settings, and for example what redirect URLs are required for the application.

Likewise the models required to be deployed should be listed for Azure OpenAI so they're in one place.

To Reproduce Deploy a new local instance with a new AAD app and note missing info in the docs.

Expected behavior The setup instructions should document all necessary steps to get the application running.

IanNorris avatar May 05 '23 16:05 IanNorris

Hi IAmNorris, did you follow the steps in the README and the inline documentation within appsetttings?

In README, I followed these instructions for AAD which includes redirects: image

From the appsettings file in webapi, I followed guidance shown here and chose gpt-35-turbo for completions and text-embedding-ada-002 for embeddings based on the examples mentioned. (Scrambled my endpoint and key) image

cchighman avatar May 05 '23 22:05 cchighman

@IanNorris , did the information above (in the readme) help get you unblocked?

evchaki avatar May 09 '23 21:05 evchaki

Thanks @evchaki, I'd managed to miss the bit about redirect URIs in the docs, I'm not sure how I missed it. However even when configured as described I'm now getting a 401 from the backend, with the error: Bearer error="invalid_token", error_description="The signature is invalid" after logging in. I can see a valid bearer token being sent (valid in that the exp is in the future and the audience is the the correct client id).

For the time being I've disabled Authorization. If anyone on the dev team has seen this error before it may be useful to document it here for others searching for the issue as well.

IanNorris avatar May 09 '23 21:05 IanNorris

Note that, as a mitigation while we make the doc better and your 401's are figured out, you can use an API key to auth to the Copilot Chat instead of being wide open: Authorization

Oh, actually, the frontend doesn't support that auth method yet... I'll try to change that shortly too.

glahaye avatar May 16 '23 19:05 glahaye

Chat Copilot is moving to its own repo. Closing this issues but opening a corresponding one in the new repo: https://github.com/microsoft/chat-copilot/issues/54

glahaye avatar Jul 27 '23 04:07 glahaye