Go to Azure active directory, and open App Registrations. Create a new one:
Select the supported accounts types and press Register
Next, open Authentication section and press Add Platform:
Add a web application:
Add the redirect URL of https://token.botframework.com/.auth/web/redirect
Press Register
Go to the section of Expose and API, and press Add a scope, leaving the default value:
Provide the Scope Name (can be any)
Press Add scope
Add authorization to this scope for the bot service application ID (check in Section 5 Create Azure Bot Channel)
Under Certificates and Secrets, add a client secret and write it down
If you want to restrict access to this app – find the same app under Enterprise Apps and change the setting of User Assignment Required to “Yes”, then add users in Users and groups
Paste you copied App ID and Client Secret into the appropriate fields in the Identity Providers application – Middleware Section (refer to the Bot Management Configuration Guide for details)
