Azure Bot Direct Line Key
Description
General
- Documentation: https://learn.microsoft.com/en-us/azure/bot-service/rest-api/bot-framework-rest-direct-line-3-0-authentication
- Summary: Azure Bot Service lets client applications communicate with a bot through the Direct Line channel. A Direct Line secret is a master key used to authenticate requests to the Direct Line API. It can access any conversation belonging to the associated bot and does not expire. This detector finds these secret keys.
Revoke the secret
Direct Line secret keys can be rotated in the Azure portal:
- Navigate to the Azure Bot resource.
- Under Bot Settings, select Channels.
- Open the Direct Line channel and select the site (for example, Default Site).
- Under Secret keys, regenerate the key.
Details for Azure Bot Direct Line Key
-
Family: token
-
Category: cloud_provider
-
Company: Microsoft
-
High recall: False
-
Validity check available: True
-
Analyzer available: False
-
Revoker available: False
-
On-premise instances exist: False
-
Only valid secrets raise an alert: False
-
Occurrences found for one million commits: 0.05
-
Prefixed: False
