Disabling Azure Active Directory Authentication for AOAI WebChat

菅原 拓哉 0 Reputation points
2023-12-04T06:34:12.2333333+00:00

I recently deployed an app from the AOAI Playground and noticed that it's now configured with Azure Active Directory authentication enabled due to recent updates. I find this inconvenient as I want the app to be accessible to the general public without authentication. I tried disabling the 'App Service Authentication' in the App Service settings, but now when I access the Web UI, it displays "authentication not configured" and I am unable to use the chat feature. Is there a way to use AOAI's WebChat without requiring account authentication? First, I thought it was a matter of account authorisation; however, it happens the same way with my admin account.

Azure OpenAI Service
Azure OpenAI Service
An Azure service that provides access to OpenAI’s GPT-3 models with enterprise capabilities.
2,611 questions
Azure App Service
Azure App Service
Azure App Service is a service used to create and deploy scalable, mission-critical web apps.
7,356 questions
{count} votes

1 answer

Sort by: Most helpful
  1. AshokPeddakotla-MSFT 30,241 Reputation points
    2023-12-04T09:56:36.86+00:00

    菅原 拓哉 Greetings & Welcome to Microsoft Q&A forum!

    I tried disabling the 'App Service Authentication' in the App Service settings, but now when I access the Web UI, it displays "authentication not configured" and I am unable to use the chat feature.

    I understand that you have already tried setting the Authentication settings to Disabled in the AppService configuration. If you choose to deploy a web app, see the important considerations for using it.

    When you disable the 'App Service Authentication' in the App Service settings, you are not able to use the chat feature and will receive the the below error.

    User's image

    Is there a way to use AOAI's WebChat without requiring account authentication? First, I thought it was a matter of account authorisation; however, it happens the same way with my admin account.

    This is by design. By default, the app will only be accessible to you. You can add authentication for example, restrict access to the app to members of your Azure tenant by Add an identity provider.

    If unauthenticated requests are allowed, any client can call the app and your code will need to handle both authentication and authorization. Learn more

    To make the app accessible to the general public without authentication, you can remove the authentication code from the app's source code.

    However, this is not recommended as it can make your app vulnerable to security threats.

    Alternatively, you can create a separate version of the app that does not require authentication and deploy it to a different endpoint.

    This way, you can have both a secure version of the app and a public version of the app.

    I would suggest you, check the sample demonstrates a few approaches for creating ChatGPT-like experiences over your own data.

    I hope this helps. If you have any further questions or concerns, please let me know.


    If the response helped, please do click Accept Answer and Yes for was this answer helpful.

    Doing so would help other community members with similar issue identify the solution. I highly appreciate your contribution to the community.

    0 comments No comments