When using Front Office or ServiceNow, the end user has to verify they own their email address by getting a PIN and then typing it into the bot.
What would be good is if instead they click on a link in the email and it verifies them automatically, which moves the bot into the next part of the flow.
This is done in Power Automate.
Authentication is the biggest technical hurdle to figure out, as the end user is not part of our identities.
You wouldn't need authentication. All you would need is a unique token that updates the bot user state. I think the biggest challenge would actually be updating the state of the Bot User from outside of the bot.
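
The unique-token idea from the last reply, sketched as an added example that is not part of the thread or of the product's code: a single-use, expiring link token whose redemption flips the bot user's state. The function names, the in-memory dictionaries standing in for the bot's state store, the 15-minute lifetime and the URL are all assumptions made for illustration.

```python
import hashlib
import secrets
import time

TOKEN_TTL_SECONDS = 15 * 60  # assumed lifetime of a verification link

# Constructed in-memory stand-ins (hypothetical) for the bot's user-state
# store and the pending-token table; a real flow would use its own storage.
bot_user_state = {}   # bot_user_id -> {"email_verified": bool}
pending_tokens = {}   # sha256(token) -> (bot_user_id, expires_at)


def _digest(token):
    # Only the hash is stored, so a leaked token table cannot be replayed.
    return hashlib.sha256(token.encode()).hexdigest()


def issue_verification_link(bot_user_id, base_url, now=None):
    """Create the link that goes into the email for one bot user."""
    now = time.time() if now is None else now
    token = secrets.token_urlsafe(32)  # 256 bits from the OS CSPRNG
    pending_tokens[_digest(token)] = (bot_user_id, now + TOKEN_TTL_SECONDS)
    bot_user_state.setdefault(bot_user_id, {"email_verified": False})
    return f"{base_url}?token={token}"


def redeem_token(token, now=None):
    """Called from outside the bot when the link is followed.

    Returns True and marks the user verified only for a known, unexpired,
    not-yet-used token.
    """
    now = time.time() if now is None else now
    # pop() removes the entry on first use, so a replayed link fails.
    entry = pending_tokens.pop(_digest(token), None)
    if entry is None:
        return False
    bot_user_id, expires_at = entry
    if now > expires_at:
        return False
    bot_user_state[bot_user_id]["email_verified"] = True
    return True
```

Mail gateways that pre-fetch links will issue the GET request themselves, so the landing page should call the redemption step on an explicit confirm action rather than on page load.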