How to fix 'code': 400, 'message': 'Failed to get managed identity token.'?

Question

Hi folks!

I am new to Azure AI web app deployment and currently testing out a simple chatbot web app. In the Azure AI Studio playground, I selected a deployed LLM model and added Retrieval-Augmented Generation (RAG), then deployed it using the "Deploy as a web app" button.

After numerous tweaks and configuration adjustments, I successfully deployed the web app and can access it via the URL: https://myapp.azurewebsites.net/. However, when I try to interact with the chatbot, I encounter an error.

Error
Error code: 400 - {'error': {'requestid': 'b1f2f881-0777-4380-b900-73bacd68c20d', 'code': 400, 'message': 'Failed to get managed identity token. Response: {"error":{"code":"ManagedIdentityIsNotEnabled","message":"Managed Identity (MI) is not set for this account while the encryption key source is \'Microsoft.KeyVault\', customer managed storage or Network Security Perimeter is used."}}'}}

I have already configured my app authentication by following this https://learn.microsoft.com/en-us/azure/ai-studio/tutorials/deploy-chat-web-app to configure app authentication, and I have assigned the Key Vault Secrets User role to the web app's Managed Identity to allow access to Azure Key Vault for retrieving secrets. Despite following the steps (though the tutorial seems somewhat outdated), the issue persists.

Could you please assist me in resolving this error? I believe there may be some additional configuration required.

Thank you for your help!

Answer 1

I encountered this problem as well but only had to populate  AZURE_SEARCH_KEY with the key from the Azure AI Search service and it worked.

Answer 2

Hi, please see the answer in this link:
https://learn.microsoft.com/en-us/answers/questions/2080322/how-to-fix-managedidentityisnotenabled-error-in-az

Hope this helps!