User Authentication in Power Virtual Agents

Alternative desc

Microsoft’s Power Virtual Agents (PVA) is a prebuilt configurable option for your organization to create chatbots that conversationally engage with customers or employees. The service supports multiple languages and several internal or external channels including Teams, Facebook Messenger, Slack, Cortana and many others. Best of all, the interface is incredibly intuitive and doesn’t require any coding or artificial intelligence experience to get started.


One of PVA’s more recent feature adds unlocks exciting new possibilities by enabling your bots to have better engagement by understanding who they are talking to through user authentication. Authentication can provide details about the user that allow agents to skip preliminary questions, have insight into and present topics regarding existing issues / questions related to the user, and much more.

PVA User Authentication Options

Option 1: No Authentication


No authentication is the standard configuration for bots. Users can’t sign in and the bot can only access public information and resources.


This option is ideal for situations where user inquiries involve data without disclosure concerns, such seat availability at an event or company contact info. It also can work for situations where the user has a case number to reference such as when tracking a package or checking on the status of an open support ticket.

Alternative desc

Option 2: Only for Teams


Teams authentication is the standard configuration for bots that are created from Microsoft Teams. This method automatically sets up Azure Active Directory for Teams without any configuration necessary and users won’t be prompted to sign in.


This option is ideal for bots intended for internal use, such as HR bots that can answer questions about benefits, offer employee directory information, or provide information drawn from shared internal documents.


Option 3: Manual


Manual authentication allows users to verify their identity by logging in with a third-party account such as Google, Twitter, LinkedIn, another website or essentially any OAuth2-compatible identity provider. This opens a wide array of user interactions possibilities without requiring them to create a new account or have a Dynamics 365 license.


With manual authentication, your bots can answer more complex inquiries or take actions on the user’s behalf, such as posting on social media or adding an event or meeting to their calendar. With the user identity verified, bots can potentially provide more personalized and impactful answers by accessing internal or third-party data. It’s by far the most powerful option, but it will require some additional work to set up.


What kind of skill level does someone need to utilize Power Virtual Agents user authentication?


Any user who is comfortable with building Power Automate flows and has a basic understanding of Power Virtual Agents should be able to utilize options 1 and 2. If you choose to implement option 3, the user should ideally have some experience with OAuth 2 authentication.

Interested in utilizing PVA authentication at your organization? Get in touch with our team for a technology fit consult or read the Microsoft documentation to learn more.

Other articles you might be interested in...