Share via

Azure Open AI – Chat - My own data – Add data source - Principal does not have access to API/Operation error

Octavian Mocanu 20 Reputation points
2024-10-10T09:58:15.1833333+00:00

I want to create a chatbot with Azure OpenAI trained with my own data so I followed this tutorial  

https://learn.microsoft.com/en-us/azure/ai-services/openai/use-your-data-quickstart?pivots=programming-language-studio&tabs=command-line%2Ctypescript%2Cpython-new

Data for chat has been uploaded to an Azure Storage account. Data source used on adding to Azure OpenAI Chat playground was Azure Blob Storage (preview).

All resources (Azure OpenAI and Azure Storage Account) were created in Switzerland North Azure location.

Model used by chat is gpt-4-32k.

All connectivity is via System Managed Identity (as depicted bellow) and all RBAC permissions have been granted accordingly based on recommendations from wizard security validation during adding data source:

User's image

Azure Storage Account CORS has been turned on (during another attempt when used Upload Files):

User's image

On Save and Close I’ve got this error (image bellow):

We couldn't connect your data

Principal does not have access to API/Operation.

User's image

I enabled logging to both resources (Azure OpenAI and Azure Storage Account) and the only potentially related log items were of the following type::

User's image

User's image

Could you please guide me to fix this error?

Azure OpenAI Service
Azure OpenAI Service
An Azure service that provides access to OpenAI’s GPT-3 models with enterprise capabilities.
3,258 questions
Accepted answer
  1. AshokPeddakotla-MSFT 34,861 Reputation points
    2024-10-10T12:18:28.9433333+00:00

    Octavian Mocanu Greetings & Welcome to Microsoft Q&A forum!

    We couldn't connect your data Principal does not have access to API/Operation.

    This could happen for few reasons. Could you confirm if you have assigned yourself either the Cognitive Services OpenAI User or Cognitive Services OpenAI Contributor role?

    Also, make sure that you have added Storage Blob Data Contributor role as well.

    To allow access to your Storage Account from Azure OpenAI and Azure AI Search, you need to set up Storage Account to bypass your Azure OpenAI and Azure AI Search as trusted services based on managed identity.

    For more details, see Securely use Azure OpenAI On Your Data.

    Do let me know if you need any further help.

    I would be happy to assist you!

    1 person found this answer helpful.

0 additional answers

Sort by: Most helpful
Most helpful Newest Oldest

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.