msbot get production not functioning according to documentation

Project

Name: Virtual Assistant

Language: C#

Description

I'm following the instructions in https://github.com/Microsoft/AI/blob/master/docs/virtual-assistant/csharp/gettingstarted.md.

The documentation states, "The first command shown below will retrieve the appId (ApplicationId) and appPassword (Client Secret) that you need to complete this step." The documentation is referencing msbot get production --secret YOUR_SECRET.

It's not clear what is meant by YOUR_SECRET. I imagine that that this could be the .bot file secret or the secret that's created with the application registration in the Azure Portal.

Running msbot get production --secret BOT_FILE_SECRET (which is how the documentation should be written) returns

{
    "type": "endpoint",
    "id": "108",
    "name": "production",
    "appId": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
    "appPassword": "$appSecret",
    "endpoint": "https://name-for-my-test.azurewebsites.net/api/messages"
}

appPassword isn't returned. This makes the next step (shown below) particularly confusing.

az bot authsetting create --resource-group YOUR_BOT_NAME --name YOUR_BOT_NAME --setting-name "YOUR_AUTH_CONNECTION_DISPLAY_NAME" --client-id "YOUR_APPLICATION_ID" --client-secret "YOUR_APPLICATION_PASSWORD" --service Aadv2 --parameters clientId="YOUR_APPLICATION_ID" clientSecret="YOUR_APPLICATION_PASSWORD" tenantId=common --provider-scope-string "Calendars.ReadWrite Mail.ReadWrite Mail.Send Tasks.ReadWrite Notes.ReadWrite People.Read User.ReadBasic.All Contacts.Read"

The documentation isn't explicit when referencing the many secrets and IDs.

The secret that is retrieved from the Azure Portal after creating the application registration (sometimes referred to as client secret). There's also an ID here (sometimes called an application ID and sometimes called a client ID).
The secret used to decrypt the .bot file.
The 3 secrets that are automatically generated and found inside the .bot file. All of these are labelled appPassword. These are all accompained by 3 additional appId.

In the command above, YOUR_APPLICATION_PASSWORD could be the secret retrieved from the application registration or it could be one of the 3 inside the .bot file. Similarly, YOUR_APPLICATION_ID could be the ID of the application registration or it could be one of the 3 found inside the .bot file.

To Reproduce

Follow steps in https://github.com/Microsoft/AI/blob/master/docs/virtual-assistant/csharp/gettingstarted.md. Note that I had to manually create my application registration and retrieve my application ID and password/secret to avoid ERROR: Unable to provision MSA id automatically. Please pass them in as parameters and try again.

Expected behavior

I expect to run

msbot get production --secret CLEARLY_STATE_WHAT_SECRET_TO_USE

and get a response that clearly states what secret to use in

az bot authsetting create --resource-group YOUR_BOT_NAME --name YOUR_BOT_NAME --setting-name "YOUR_AUTH_CONNECTION_DISPLAY_NAME" --client-id "CLEARLY_STATE_WHICH_ID_TO_USE" --client-secret "CLEARLY_STATE_WHICH_PASSWORD_TO_USE" --service Aadv2 --parameters clientId="CLEARLY_STATE_WHICH_ID_TO_USE" clientSecret="CLEARLY_STATE_WHICH_PASSWORD_TO_USE" tenantId=common --provider-scope-string "Calendars.ReadWrite Mail.ReadWrite Mail.Send Tasks.ReadWrite Notes.ReadWrite People.Read User.ReadBasic.All Contacts.Read"

Alternatively, if msbot is functioning as intended by returning $appSecret, make the documentation explicit such that users can follow it without prior knowledge.

Either way, it would be great if the documentation was more explicit when referencing the many secrets, passwords and IDs that are created and/or used throughout.

Screenshots

None for now. Can update as needed.

Additional context

None for now. Can update as needed.

microsoft / botframework-solutions