![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(48, 93%, 14%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESK%3C/text%3E%3C/svg%3E)
Azure AI Language
An Azure service that provides natural language capabilities including sentiment analysis, entity extraction, and automated question answering.
421 questions
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(281.6, 88%, 37%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESA%3C/text%3E%3C/svg%3E)
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(217.60000000000002, 52%, 31%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
First, make sure that the UMI has the required role assignments for the Azure Language resource:
- Assign the Cognitive Services Contributor role to the UMI in the Azure resource that you created.
- You can do this by navigating to the Azure Portal > Azure Language Resource > Access Control (IAM) > Add Role Assignment, and selecting Cognitive Services Contributor. Ensure that the UMI is added to this role.
Since you are using User Managed Identity, it needs to have the proper API permissions set up. Go to Azure Active Directory > App registrations > Your UMI > API Permissions and ensure that your UMI has the necessary permissions to access the Azure Language resource.
If the API permissions are not listed, you may need to grant them explicitly for the Azure Language Service.
Ensure that Azure RBAC is properly configured since local authentication is disabled. With Disable Local Auth = true, Azure will only allow requests authenticated via Azure Active Directory (such as Managed Identity), and local keys are not valid.
To enforce RBAC, you can review the security settings in the Azure Language Resource and ensure that the UMI has sufficient permissions.
If the portal does not support creating the CLU project due to Disable Local Auth, you might need to use Azure CLI or an SDK to create the CLU project programmatically.
az cognitiveservices account create --name "<your-resource-name>" --resource-group "<your-resource-group>" --kind "Language" --sku F0 --location "<your-location>" --identity-type UserAssigned --user-assigned-identity "<your-umi-id>"
Then, use the CLU SDK or API to create the project. Ensure that the UMI is passed as part of the authentication flow.
Ensure that your Azure subscription has sufficient quota to create the CLU project, and there are no resource limits that might prevent the creation of new projects.
If you’ve followed these steps and the issue persists, it could be a configuration or platform-specific issue. In that case, reaching out to Microsoft Support may help resolve the situation, as they can investigate the security configurations and ensure that Managed Identity is properly integrated with the Language Service.