Not able to create text analytics resource in Azure Congnitive services - azure-cognitive-services

I am not able to create text Analytics resource in West US 2 region , due to following error
I have selected all default values ( for ex : I have selected storage type as V1 )
In Text Analytics , I want to analyze PDF , WORD , EXCEL docs to extract phrases , hence selected storage ( and not Cognitive Search )
{
"code": "InvalidTemplateDeployment",
"details": [
{
"code": "BringOwnFeatureNotEnabled",
"message": "Bring your own feature is not enabled for Subscription/SKU/Kind."
}
],
"message": "The template deployment 'TextAnalyticsCreate_Dx-20220130011000' is not valid according to the validation procedure. The tracking id is 'd62cf124-f927-4b00-b6b6-0f16ae94eadf'. See inner errors for details."
}

It seems like you are trying to use customer managed key in your Azure Cognitive Service deployment. This can't be done directly.
You need to first raise a request by using below link:
Cognitive Services & Applied AI Customer Managed Keys and Bring Your Own Storage access request
It takes 4-5 business days to get approved. Once approved, the feature responsible for the customer managed key will be enabled on the subscription. You won't get the above error after approval.

Related

Access Scope for Shared Calendar on Google Calendar API?

I am trying to build an application that will sync a in house calendar solution with the user's google calendar. It all works to retrieve events from the user's local calendar, but the shared calendar we use for things like vacation does not work. I use the Calendar List call to get all the calendars the user can access ( which will return the Id of the vacation calendar ) but whenever I try and use the list event call on the vacation calendar Id I get 404 error. I've double and triple checked that the Id is correct and the URL is formatted correctly, but the events never load.
I have noticed that the Oauth for my app states that it is allowing access to "Calendars that you own". I am thinking that it may be a permission issue since the user I'm testing with does not own the vacations calendar. I've tried adding every single scope I can find to the permissions for the app but it still gives me a 404 when trying to get the events from the calendar.
Does anyone have any scopes that I need to add to get this to work? Any suggestions on anything else to try?
Tried adding every scope to the Oauth app. Did not work, still says "Calendars that you own" on the Oauth screen.
I believe it's an Oauth scope permission issue because when I use "Try it" ( https://developers.google.com/calendar/api/v3/reference/events/list?apix=true#try-it ) I can successfully retrieve the events with the calendar Id. Also the Oauth screen for the "Try It" does not have the "Calendars that you own" stipulation
This is the error I recieve:
"error": {
"errors": [
{
"domain": "global",
"reason": "notFound",
"message": "Not Found"
}
],
"code": 404,
"message": "Not Found"
}
}

Unable to GET or POST Teams Tabs in Power Automate using the Office 365 HTTP connector

Trying to GET or POST Teams tabs.
I get the same error when trying to delete Planner plans.
ALL of these operations works with the EXACT same URI in Graph Explorer.
As you can see below getting Teams Tab works in one tenant (where I have no particular admin roles)
In the tenant where it is not working I am Global Admin and owner of the teams & planners in questions.
I have contacted MS support but don't have high expectations they will find a solution.
So:
Working with Graph Explorer
Working in one tenant but not another
Working with the premium HTTP connector.
What could this be about. I have matched the licenses between the two different tenants.
Any permissions deep in Azure missing? I am out of ideas, and this is quite important as I am building a project where they expect be to automate Tab creation and Planner removal.
My query:
Error (To the left is one tenant, to the rioght another where it is working.:
Full error:
{
"error": {
"code": "NotFound",
"message": "Not Found",
"innerError": {
"date": "2021-10-14T19:54:08",
"request-id": "xxx",
"client-request-id": "xxx"
}
}
}
Using Power Automate, tried to get list of tabs in Teams Channel using HTTP connector (Instead of using O365 HTTP connector as its giving "NotFound" error) and got success code 200.Got success code using Graph Explorer and Postman as well
Used the tenant where I am Global Admin and owner of the teams.
Steps followed:
Result:

Microsoft Graph API - sendMail API error - "The requested user 'foobar#private.com' is invalid."

I am trying to understand how to send mail using Microsoft Graph sendMail API after creating an Azure AD app with 'Application permissions' for Microsoft Graph 'Mail.Send' and 'User.Read'. I am successfully using the client_id, tenant_id and client_secret to obtain an apparently valid token and subsequently submitting a POST to the api like this (R code):
from_address <- "foobar#private.com"
url <- paste0("https://graph.microsoft.com/v1.0/users/", from_address, "/sendMail")
resp <- POST(url,
add_headers(.headers = c(content_type = "application/json",
Authorization = paste("Bearer", token))),
body = upload_file("mail.json"))
The content of "mail.json" is:
{
"message": {
"subject": "Meet for lunch?",
"body": {
"contentType": "Text",
"content": "The new cafeteria is open."
},
"toRecipients": [
{
"emailAddress": {
"address": "someone#somewhere.com"
}
}
]
}
}
However, I get this 404 response:
"{\"error\":{\"code\":\"ErrorInvalidUser\",\"message\":\"The requested user 'foobar#private.com' is invalid.\"}}"
The Microsoft account I am using is private and the address represented above with foobar#private.com is the main 'signin' mail address for the account. I'm not sure if this user needs some special permissions or if it has to be a "corporate account". The plan is to use this within a corporate Microsoft account to send mails but I am currently testing with a private account to determine how it works.
The syntax for the call is
POST /users/{id | userPrincipalName}/sendMail
The tricky part is, as far as I can tell, personal Microsoft accounts don't have a userPrincipalName. Your "foobar#private.com" is an email address, but it isn't used as an identifier within Azure Active Directory or Graph.
Instead, you have to use your ID. You can get this with
GET /me
and the ID is the id field in the response.
Note that you may run into a separate problem with using an email address in the call, when it comes to work & school accounts. Commonly, people will have an address like "firstname.lastname#company.com", but this is only an alias for convenience; their userPrincipalName might be something more cryptic like "id123456#companytenantname.com". For this reason, it's best to stick to IDs throughout.
The description of how to POST to the Microsoft Graph SendMail api are correct in the question. The problem was only in the configuration of the application in Microsoft Azure portal Active directory. The administrator of the tenant created an app with two permissions with 'Admin consent'. The first is a Delegated permission, Microsoft Graph: 'Sign in and read user profile' the second is an Application permission, Microsoft Graph: 'Send mail as any user'. The first is used to get a token that is valid for 1 hour and the second is used in the code you see in the question to send the mail itself with the aquired token. I have been told that there is a restriction in place that only makes it possible to send mail from one specific 'no-reply' address at the organization so you can't use the api to impersonate someone else. It is not clear to me how that restriction works just that is does.

Upgrade dailyLimitExceededUnreg

I have a wordpress pluging to booking class on my gym. This wordpress plugin works with Google calendar API and since yesterday I get the same error.
{
"error": {
"errors": [
{
"domain": "usageLimits",
"reason": "dailyLimitExceededUnreg",
"message": "Daily Limit for Unauthenticated Use Exceeded. Continued use requires signup.",
"extendedHelp": "https://code.google.com/apis/console"
}
],
"code": 403,
"message": "Daily Limit for Unauthenticated Use Exceeded. Continued use requires signup."
}
}
Would be possible upgrade this limit? I don't care if I have to paid but need some solution. I have more or less 100 users.
In order to authenticate yourself when using the Google Calendar API, which will allow you considerably larger quotas, you must include an API key in your request's URL. That can be done by simply appending the following query string to it: key=API_key
Where API_key is the key obtained for that project.
In order to obtain an API key you can follow the steps below:
Go to the API Console.
From the projects list, select a project or create a new one.
If the APIs & services page isn't already open, open the left side menu and select APIs & services.
On the left, choose Credentials.
Click Create credentials and then select API key.
Reference
Setting up API keys

google cloud vision api quickstart error opening file

I am following the following Google Cloud Vision quickstart:
https://cloud.google.com/vision/docs/quickstart
This is using the API Explorer, and I get
Error Opening File
I have created a bucket named vision2018, and checked Share Publicly for the file.
My portion of the request related to the file is:
"image":
{
"source":
{
"imageUri":"gs://vision2018/demo-image.jpg"
}
}
The response I get is:
{
"responses": [
{
"error": {
"code": 5,
"message": "Error opening file: gs://vision2018/demo-image.jpg\"."
}
}
]
}
}
What do I need to specify in order to access files in my GCP storage?
Alternatively, I read other Stack Overflows that talk about GOOGLE_APPLICATION_CREDENTIALS, Simple API Key, and "Create Service account key and download the key in JSON format", ... but these seem to be giving commands in the shell, which this quickstart doesn't even open.
Is there initial setup assumed prior to the quickstart?
I am not ready to call the api from code
You might want to doublecheck your request. I went to the quickstart, replaced the placeholder imageUri with gs://vision2018/demo-image.jpg and it worked just fine. The error message you posted is what would be displayed if you had given gs://vision2018/demo-image.jpg\" instead.
Regarding the second part of your question: these are authentication methods. In this particular case, under Authentication you will find a drop down which lets you chose between API key and Google OAuth 2.0. If you chose the former, you don't need to do anything as a demo key will be used just for the purposes of the quickstart. If you chose OAuth 2.0, a popup will appear prompting you to authenticate with a google account. All in all, what you need to do is follow step-by-step the instructions given by the quickstart.
I was receiving a similar JSON response from the Google Vision API:
"error": {
"code": 7,
"message": "Error opening file: gs://bucket/file.jpg."
}
The fix was to set the GCS file's permission to public-read:
gsutil acl set public-read gs://bucket/file.jpg
Finally I investigated what happened. The problem is that your API token is only grant for process the image (allow right to use OCR engine), but that API is not also for accessing object in GS.
Therefore "message": "Error opening file:
The problem is similar with this post:Authorize Google Cloud Vision API to Google Storage image Maybe the error message is a bit dumb than many years ago.
The solution also mentioned in the answer section, but if you want some thing more clear (expose security side-effect) here it is: Set GCS read-only public
Reason I want to keep using API because it's better for use it in mobile application, we cannot give the OAuth2.0 to any phone. However, still find a way to secure the read-public bucket.

Resources