Federated Identity Credentials Setup

Federated Identity Credentials (FIC) let you assign managed identities directly to your App Registration instead of creating a separate User Managed Identity resource.

Prerequisites

Before you begin, ensure you have:

  • An Azure subscription
  • Permissions to create App Registrations, Azure Bot Services, and manage identities
  • A compute resource where your bot will be hosted (App Service, Container App, VM, etc.)
  • Either a User Managed Identity or the ability to use System Assigned Identity

Setup Steps

Step 1: Create Azure Bot with Single Tenant

When creating your Azure Bot Service, select Single Tenant for the Type of App.

Step 2: Configure Federated Credentials

Assign managed identities to your App Registration using Federated Credentials.

  1. Navigate to your App Registration in the Azure Portal
  2. Go to Certificates and Secrets
  3. Select the Federated Credentials tab
  4. Click Add credential
  5. Select the federated credential scenario (e.g., "Customer managed keys")
  6. Choose the User Managed Identity or configure for System Assigned Identity
  7. Complete the required fields and click Add

The identity you select here must also be assigned to the compute resource where your application is hosted.

Step 3: Assign the Managed Identity to Your Compute Resource

The managed identity configured in the federated credential must be assigned to your compute resource.

For User Managed Identity:

  1. Navigate to your compute resource in the Azure Portal
  2. Go to the Identity section in the left menu
  3. Select the User assigned tab
  4. Click Add
  5. Select the User Managed Identity you configured in the federated credential
  6. Click Add to confirm

For System Assigned Identity:

  1. Navigate to your compute resource in the Azure Portal
  2. Go to the Identity section in the left menu
  3. Select the System assigned tab
  4. Set Status to On
  5. Click Save
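
Steps 2 and 3 only work together if the identity named in the federated credential is the one actually attached to the compute resource. The following check is an added example, not part of the original guide or the project's code: it compares the two, assuming the credential list has the shape returned by `az ad app federated-credential list` and the identity block the shape returned by `az webapp identity show`, and that the credential uses the tenant's v2.0 issuer, the identity's principal ID as subject, and the `api://AzureADTokenExchange` audience (public cloud). All GUIDs and names are constructed.

```python
# Audience used for managed-identity token exchange in the Azure public cloud.
EXPECTED_AUDIENCE = "api://AzureADTokenExchange"

def assigned_principal_ids(identity):
    """Principal (object) IDs of every managed identity on the compute resource."""
    ids = set()
    if "SystemAssigned" in (identity.get("type") or "") and identity.get("principalId"):
        ids.add(identity["principalId"].lower())
    for uami in (identity.get("userAssignedIdentities") or {}).values():
        if uami.get("principalId"):
            ids.add(uami["principalId"].lower())
    return ids

def check_federated_credentials(creds, identity, tenant_id):
    """Return (names of usable credentials, findings for the rest)."""
    principals = assigned_principal_ids(identity)
    issuer = f"https://login.microsoftonline.com/{tenant_id}/v2.0".lower()
    usable, findings = [], []
    for cred in creds:
        problems = []
        if cred.get("issuer", "").rstrip("/").lower() != issuer:
            problems.append("issuer is not this tenant")
        if cred.get("subject", "").lower() not in principals:
            problems.append("subject is not assigned to the compute resource")
        if EXPECTED_AUDIENCE not in cred.get("audiences", []):
            problems.append("audience is not " + EXPECTED_AUDIENCE)
        if problems:
            findings.append(cred.get("name", "?") + ": " + "; ".join(problems))
        else:
            usable.append(cred.get("name", "?"))
    return usable, findings

# Constructed sample data: every GUID and name below is made up.
TENANT = "11111111-1111-1111-1111-111111111111"
ISSUER = f"https://login.microsoftonline.com/{TENANT}/v2.0"
IDENTITY = {
    "type": "SystemAssigned, UserAssigned",
    "principalId": "22222222-2222-2222-2222-222222222222",
    "userAssignedIdentities": {
        "<resource-id-of-bot-uami>": {"principalId": "33333333-3333-3333-3333-333333333333"}},
}
CREDS = [
    {"name": "bot-uami", "issuer": ISSUER, "audiences": [EXPECTED_AUDIENCE],
     "subject": "33333333-3333-3333-3333-333333333333"},
    {"name": "stale-identity", "issuer": ISSUER, "audiences": [EXPECTED_AUDIENCE],
     "subject": "44444444-4444-4444-4444-444444444444"},
]

if __name__ == "__main__":
    print(check_federated_credentials(CREDS, IDENTITY, TENANT))
```

A credential reported as a finding still lets its identity obtain tokens as the app from wherever that identity is attached, so review it for removal as well as for a fix.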

Next Steps

After completing the Azure setup, configure your application code with the appropriate environment variables. See the App Authentication Essentials Guide for details.