Data connection using Server-to-server authentication
When calling a Data Source from the Data Connection step, usually authentication of some sort is required. Only limited use cases allow you to get away with anonymous access. Health Bot supports OAUTH2 server-to-server authentication out-of-the-box. When calling the actual resource with RESTful API, Health Bot first checks if there is already existing valid token in the global bot storage, if not, it obtains the new token using the "Authentication Provider" configuration, places it in the "Authorization" header and proceeds with the call. Upon success, stores the new token for consecutive calls for improved performance. Navigate to "Integrations/Authentication Providers". Click on the "New" button and fill out the required fields. Give it a unique name optional description, authentication methods should be "server-to-server" client id, client secret and the URL for obtaining the token. Note: The URL should use v2.0 endpoint that uses "scope" (not "resource" like in v1.0). It's recommended that you verify the settings by clicking the "verify settings" link. This will create the token and show it as decrypted JWT. Verify that all the claims in the JWT are correct. When calling the resource, in the Data Connection step. Click on the "Authentication Providers" dropdown and select the provider that you like. When running the step, it will take care of the authentication flow for you. There is no need to define "Authorization" Header since it will be added implicitly just before the call.
