Azure-cli: az bot create "AuthorizationFailed" error

Any stack trace is considered a bug. @swagatmishra2007 it looks like the create command tries to verify the name is available and that is the source of the problem. Can you confirm?

i investigated this and it's a botservices service side issue (more of a regression with our latest build). it should be fixed today/tomorrow. i will update this thread when done

@tjprescott after some more investigation, i see that the checknameavailability api is not being called properly in my cli code. so i will have to fix it in the command module. the api seemed to work on my tenant but doesnt work in all tenants. i will remove the faulty api in a pr

@tjprescott until this gets fixed in the next version of cli , is there any way to list in some "known issues" page? alternately, is there a way to release a hotfix for this, for folks who have installed this release?

@cloudguy-pro i have identified the issue and will fix it in the next version of the cli. For the time being , to unblock bot creation, i have put the fix in the "botservice" extension, which you can install as
az extension add -n botservice

@swagatmishra2007 thank you but it doesn't work for me:

az bot create -k function -n Cloudguy_CLI_Bot -g Cloudguy_CLI_Bot -l westus --lang Node -v v4

I get this output:

Extension botservice (0.0.3) has been suppressed. These commands are now in the CLI
Remove this extension with 'az extension remove --name botservice'
(RequestBodyNotSupported) The HTTP Verb 'GET' should not have a request body.
Traceback (most recent call last):
File "C:\Program Files (x86)\Microsoft SDKs\Azure\CLI2\Lib\site-packages\knack\cli.py", line 197, in invoke
cmd_result = self.invocation.execute(args)
File "C:\Users\troyd\AppData\Local\Temp\pip-install-8mvi0rnf\azure-cli-core\azure\cli\core\commands__init__.py", line 369, in execute
File "C:\Program Files (x86)\Microsoft SDKs\Azure\CLI2\Lib\site-packages\six.py", line 693, in reraise
raise value
File "C:\Users\troyd\AppData\Local\Temp\pip-install-8mvi0rnf\azure-cli-core\azure\cli\core\commands__init__.py", line 343, in execute
File "C:\Users\troyd\AppData\Local\Temp\pip-install-8mvi0rnf\azure-cli-core\azure\cli\core\commands__init__.py", line 182, in __call__
File "C:\Users\troyd\AppData\Local\Temp\pip-install-8mvi0rnf\azure-cli-core\azure\cli\core__init__.py", line 436, in default_command_handler
File "C:\Users\troyd\AppData\Local\Temp\pip-install-8mvi0rnf\azure-cli-botservice\azure\cli\command_modules\botservice\custom.py", line 84, in create
File "C:\Users\troyd\AppData\Local\Temp\pip-install-8mvi0rnf\azure-mgmt-botservice\azure\mgmt\botservice\operations\bots_operations.py", line 491, in get_check_name_availability
azure.mgmt.botservice.models.error.ErrorException: (RequestBodyNotSupported) The HTTP Verb 'GET' should not have a request body.

@cloudguy-pro i see you are still using the older extension (0.0.3) while you need to use the latest one (0.4.0). the older extension is meant for folks using an older version of the cli.
just do the following to get the latest extension -
az extension remove -n botservice
then
az extension add -n botservice

Ok, that leads me to the next problem:

Unable to provision MSA id automatically. Please pass them in as parameters and try again.

This command should be creating the MSA App ID and password automatically as it does when I create a bot using the Azure portal. Do you have any ideas?
I already tried logging in with different MSA accounts and corporate accounts, but I always get this error...

unfortunately that api is flaky...we are trying to make it better and actively working on it.
for the time being, please use apps.dev.microsoft.com to create msa appid/password and pass those in as parameters

ok, what a pitty that is I wanted to setup everything for a bot via the CLI without any other interace... Do you know if this is something which is on the roadmap?

unfortunately that api is flaky...we are trying to make it better and actively working on it.
for the time being, please use apps.dev.microsoft.com to create msa appid/password and pass those in as parameters

When you visit that link it shows two options. To create converged application or use Azure AD only applications. Where should I create the application?

@cloudguy-pro we're planning on improving the provisioning of MSA appId and appPasswords; this work should be completed when Microsoft/botbuilder-tools#393 goes in. We're aiming to get that work in by the BotBuilder SDK's 4.4 release (but most likely a lot sooner).

Regarding trying to create a v4 function bot, the v4 SDK unfortunately does not currently support function-based bots.

@virajpangam it looks like you were unblocked as of your last comment in Microsoft/botbuilder-tools#596.

In the future, please stop by Microsoft/Botbuilder-tools to report issues and request feature requests for az bot.

@stevengum thanks for the heads up.
So you mean it will be possible to use az bot createto automatically create and retreive MSA appId and appPasswords?

Because my use case is to provision a bot through a bot channel registration using Azure DevOps and the Azure CLI. And therefore I need to grab the appPassword somehow...

@cloudguy-pro, my apologies for not seeing your response. As part of our refinement of the az bot CLI, we are pushing users to rely more on built in Azure CLI functionalities. As such, users should use az ad app create to create a MSA AppId and App Password; we've documented this scenario here: https://github.com/Microsoft/BotBuilder-Samples/blob/0cc96a35dee3cb5f4f8678d0c240ec5756eb8175/samples/csharp_dotnetcore/03.welcome-user/deploymentTemplates/README.md

Excerpt from the README.md:

1. Create an App registration

Your bot requires a Registered app that provides the bot access to the bot framework service for sending and receiving authenticated messages.

To create an App registration via the Azure CLI, perform the following command:

# Replace "displayName" and "AtLeastSixteenCharacters_0" with your specified values.
# The --password argument must be at least 16 characters in length, and have at least 1 lowercase char, 1 uppercase char, 1 numerical char, and 1 special char (e.g. !?-_+=)
az ad app create --display-name "displayName" --password "AtLeastSixteenCharacters_0" --available-to-other-tenants

This command will output JSON with the key "appId", save the value of this key for the ARM deployment, where it will be used for the "appId" parameter. The password provided will be used for the "appSecret" parameter.

It is also possible to create and manage Registered Apps via the Azure portal. Be sure to also create a password when creating the application.

Edit:

The README in the samples repo has been backed out, and it can be currently found under stevengum/arm-templates-for-sample.

Issue has been addressed