Azure Computer Vision API

Mayank Goyal 16

Hi,

When we call computer vision API for OCR, we pass image and authentication key via header and get back response. This works great, however I want to check if there is a way to further secure this communication with some certificate and if Yes, how exactly it works?

1 answer

romungi-MSFT 43,676 Reputation points Microsoft Employee

2020-10-09T07:35:48.937+00:00

@Mayank Goyal Yes, if you are using the REST API call the key needs to be set via the header. If you are planning to use the SDK then you can set the keys as an environment variable or get the secrets from Azure key vault and pass to the computer vision client.

You can also use a custom domain to create your cognitive services resource and tie this up with a Azure Active Directory for RBAC access. This is only supported by some of the cognitive services and detailed steps to create them are available here.
Please sign in to rate this answer.
romungi-MSFT 43,676 Reputation points Microsoft Employee

2020-10-20T08:44:19.693+00:00

@Mayank Goyal Did you get a chance to use the above suggestion to further secure your calls to the API?

Mayank Goyal 16 Reputation points

2020-12-19T06:17:27.4+00:00

@romungi-MSFT - Thanks a lot for your response. I have few questions on this, if you can provide detailed input will be very helpful.

1) I believe Azure Vision read analyse API has both options for auth - via API key and with AAD.
2) I want to understand if I compare API key vs AAD, which one is more secured mechanism for authentication and why?
3) For AAD, I believe we have to first register custom subdomain on Azure portal which will generate a custom end point for vision API. Along with that, I believe application ID and password will also be required. In our case we are using Rest API to call Azure vision from external program. The link doesn't suggest how will I get the token first with AAD using application ID and password.

I believe it will be 2 API calls, first one to get the token and 2nd one to call API along with token.
Also I believe each time I call the vision API, will have to request token first.

If you can help with detailed steps, will be very helpful.
Sign in to comment

Share via

Azure Computer Vision API

1 answer