botframework error GraphException - azure

I was creating a bot in Azure, but when I try to generate a password, it shows me an error during creation:
"Microsoft.AppRegPortal.Providers.Graph.GraphException"
I don't know if it is my fault or not.

New password generation is currently broken. However, I just learned from someone on https://gitter.im/Microsoft/BotBuilder, there is a way to retrieve the initially generated appid and password:
MicrosoftAppId and MicrosoftAppPassword can be found by navigating to the ResourceGroup for the Bot Registration, choosing “Deployments”, then the specific deployment for the bot.
MicrosoftAppId=APPID
MicrosoftAppPassword=APPSECRET

Looks like this issue is very specific to the Applications created internally as a part of the bot creation process using the Azure Portal, because creating a new Application manually in "apps.dev.microsoft.com" has no such issues.
Considering this, the only option feasible right now is to create a "Web App Bot" and refer to the MicrosoftAppId and MicrosoftAppPassword from "App Settings" of App Service Settings. Then update this new ID and Secret in the messaging endpoint service's web.config file.

Related

SonarQube Azure AD Integration

I have a SonarQube-hosted VM in Azure. I tried to integrate with AAD, created the App Registration and gave all the details like client ID, Tenant ID, etc. Unfortunately, SonarQube is hosted without SSL, so I changed the URL from General Settings. But I'm still getting the error "You're not authorized to access this page. Please contact the administrator."

I would suggest checking the limitations for Redirect URIs for Azure AD App Registrations listed here: https://learn.microsoft.com/en-us/azure/active-directory/develop/reply-url
Also make sure the app registration is done correctly. You can follow the steps mentioned here: https://learn.microsoft.com/en-us/graph/auth-register-app-v2
In case the details shared above don't help in fixing the authorization error, we would like to understand the actual error code AAD is throwing to SonarQube along with the correlationID and timestamp so that we can check some backend logs based on those.

Azure App Registration - IAM under Subscription doesn't show my app

Problem Description:
I need to add a new app registration for an integration with an application.
I go ahead and create an app registration with minimal details like web redirect URL, owners etc.
Now I would like to add certain permissions to the app using the subscription > (Access Control) IAM and under role assignment, I am not able to find my app unlike others.
Has anyone seen this behavior before?
Thanks,
Akshay

I have encountered this situation before. Please make sure your app and the subscription are in the same Azure AD tenant, then just refresh the portal and search for the app name again; it should work.

Unable to locate MicrosoftAppId/Password settings in Azure Bot

This past summer, when I created a Bot in Azure and wanted to get the MicrosoftAppId and MicrosoftAppPassword settings, I could open up the Application settings tab on the bot page and scroll down and both would be there. Now, I create a bot and do the same thing but neither setting is there anymore. Where did they go?
TIA

This appears to be a difference between v3 and v4 bots. The settings are there if you create a V3 bot.
The V4 SDK uses the BotFile and BotSecret in the application settings in the app service. The AppId and the Password are supposed to be securely encrypted in the .bot file. But in case you wish to get the AppId and Password, please refer to the steps in Find Your Azure Bot’s AppID and AppSecret

Azure AD Multi tenant app

I have added a Web Application in the Microsoft Application Registration Portal. I can view this app in the old Azure portal. When I try to configure this app as multi-tenant and set the Sign-on URL and the App ID URI values, an error pops up saying one of the values is invalid and the save fails. I can connect to this application using OAUTH and get the required refresh and access tokens. Using these tokens in the graph API I can get mails, contacts and calendar events from my Office 365 account. But this happens only for a single tenant. I need to be able to do this for multiple tenants and so I want to set this app as multi-tenant. If I create the application in Azure AD itself then I am able to set all the values but I cannot connect to this app using OAUTH as the authentication fails with an error message saying
error=unauthorized_client&error_description=AADSTS70001%3a+Application+%2791470123-7e7e-4139-9922-ac95b0a6b383%27+is+not+supported+for+this+API+version.
I went through a few links like here, here and here, but until now I haven't been able to find a solution. I am re-posting this as suggested here. Can anyone suggest what I must do to get through this?

All applications created through the App Registration Portal have the Multi-Tenant flag set to True by default.
The issues you are facing here are likely due to the fact that the App Registration Portal created our new V2 Applications, while our old portals use our V1 Applications. As a result, switching between portals and trying to make configuration changes, you will likely run into issues where our app model has changed, and certain properties exist in one place, and not another.
Finally it is important to note that we now have a V2 endpoint as well, which lines up with our V2 applications. You need to make sure you are using the right kind of application for the right endpoint.
Let me know if this helps!

Azure App client secret

I registered my app at https://apps.dev.microsoft.com/.
1- I am trying to access the calendar REST API. To perform the OAuth2 flow, I need the client secret. I can't seem to find the client secret. There is the option for password or private key, but using both of those throws an error. Can you please tell me where to find the client secret?
2- There are multiple documents talking about multiple ways of registering an app. Should I register my app at https://apps.dev.microsoft.com/, which uses the following endpoint for authorization:
https://login.microsoftonline.com/common/oauth2/v2.0/authorize?
or make an account on Azure AD and use the following endpoint:
https://login.microsoftonline.com/common/oauth2/authorize?

Have a look at https://msdn.microsoft.com/office/office365/HowTo/authentication-v2-preview, especially the "Restrictions on app registrations" section.
Certain limitations are applied depending on how you register a new app.
"At this time, all apps that want to integrate with the v2.0 app model must create a new app registration at apps.dev.microsoft.com. Any existing Azure AD or Microsoft Account applications will not be compatible with the v2.0 app model, nor will applications registered in any portal besides the new App Registration Portal. There is no migration path for an application from the generally available Azure AD service to the v2.0 app model.
Similarly, apps registered in the new App Registration Portal will work exclusively with the v2.0 app model. You can not use the App Registration Portal to create apps that will integrate successfully with the Azure Active Directory or Microsoft Account services."
Depending on your needs you should pick how you register your app.
You get the secret by clicking Generate Password in the Application Secrets section when you're viewing your app registration on apps.dev.microsoft.com. If you generate one and don't copy it, you can never retrieve it! If that's the case, you can remove the old secret and generate a new one. There's a walkthrough of registering and getting your secret at https://dev.outlook.com/RestGettingStarted/Tutorial/dotnet (section 3).
I recommend you use apps.dev.microsoft.com.
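
An added example, not code from any of the posts above: it decodes the AADSTS70001 error string quoted in the multi-tenant question and checks an authorize URL against the registration/endpoint pairing described in the answers on this page. The `registered_in` labels and the function names are made up for this sketch.

```python
import re
from urllib.parse import parse_qs, urlsplit

# The error string quoted in the multi-tenant question on this page.
SAMPLE_ERROR = (
    "error=unauthorized_client&error_description=AADSTS70001%3a+Application+"
    "%2791470123-7e7e-4139-9922-ac95b0a6b383%27+is+not+supported+for+this+API+version."
)
# Pairing as the answers above describe it: where the app was registered
# decides which authorize endpoint it works with. Keys are labels made up here.
REGISTERED_FOR = {"app_registration_portal": "v2", "azure_ad": "v1"}


def parse_oauth_error(query):
    """URL-decode an OAuth error response and pull out the AADSTS code and app id."""
    fields = {k: v[0] for k, v in parse_qs(query.lstrip("?#")).items()}
    desc = fields.get("error_description", "")
    code = re.search(r"AADSTS\d+", desc)
    app = re.search(r"'([0-9a-fA-F-]{36})'", desc)
    return {
        "error": fields.get("error"),
        "aadsts": code.group(0) if code else None,
        "app_id": app.group(1) if app else None,
        "description": desc,
    }


def endpoint_version(authorize_url):
    """Return 'v2' for .../oauth2/v2.0/authorize, 'v1' for .../oauth2/authorize."""
    parts = [p for p in urlsplit(authorize_url).path.lower().split("/") if p]
    if len(parts) < 3 or parts[-1] != "authorize" or parts[1] != "oauth2":
        return None  # not an authorize URL of either shape
    if parts[2:-1] == ["v2.0"]:
        return "v2"
    return "v1" if len(parts) == 3 else None


def check_pairing(registered_in, authorize_url):
    """Report whether the registration type and the endpoint in use line up."""
    expected = REGISTERED_FOR[registered_in]
    actual = endpoint_version(authorize_url)
    if actual is None:
        return "unrecognized authorize URL"
    if actual == expected:
        return "ok"
    return f"mismatch: app is {expected}, request went to the {actual} endpoint"
```

Logging the decoded `aadsts` code and `app_id` next to the result of `check_pairing` makes an endpoint mismatch visible without reading the URL-encoded redirect by hand.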
