Episode
FastTrack for Azure Season 3 Ep12: Azure OpenAI Application Identity & Security
with Bappaditya Banerjee, Lizet Pena De Sola, James Croft
In this session, we will cover how customer can enable authentication and authorization in their generative AI application using Entra ID.
We will also cover how to secure Azure OpenAI through APIM subscription or managed identity.
Learning objectives
- Use of EntraID or another IdP to authenticate and authorize end-users of Intelligent Applications.
- Register Intelligent App and AOAI API with Identity provider. Create policies to validate issued identity JWT token.
- Create Managed Identity to authenticate with the backend AOAI, inbound policy for auth of the requests against AOAI service.
- Extending this architecture to other LLM Services and External IdPs.
Chapters
- 00:00 - Welcome and introductions
- 02:58 - Learning objectives
- 05:28 - Azure OpenAI auth impediments
- 09:02 - Scenario 1: Using external identity providers or different Microsoft Entra ID tenants
- 12:03 - Scenario 2: Managing access for multiple client applications with alternative Azure OpenAI credentials
- 15:46 - Scenario 3: Unified authentication across disparate generative AI services
- 17:55 - Successful outcome
- 19:19 - Solution: Establish user authorization and generative AI service authentication via an API gateway
- 24:56 - User authentication and authorization via an identity provider
- 26:56 - Demo: User auth using Microsoft Entra ID
- 43:16 - Validating user identity to grant authorization to generative AI services
- 52:29 - Demo: Validating user authorization to Azure OpenAI via Azure API Management
- 01:01:47 - Authenticating with Azure OpenAI using Managed Identity
- 01:04:03 - Authenticating with other generative AI services
- 01:08:34 - Demo: Authenticating with Azure OpenAI using Managed Identity via Azure API Management
- 01:20:34 - Summary and conclusion
Recommended resources
Related episodes
- Full series: Learn Live: FastTrack for Azure Season 3
Connect
- Bappaditya Banerjee | LinkedIn: /in/bappaditya-banerjee-8860ba7
- Lizet Pena De Sola | LinkedIn: /in/lizetp
- James Croft | LinkedIn: /in/jmcroft
In this session, we will cover how customer can enable authentication and authorization in their generative AI application using Entra ID.
We will also cover how to secure Azure OpenAI through APIM subscription or managed identity.
Learning objectives
- Use of EntraID or another IdP to authenticate and authorize end-users of Intelligent Applications.
- Register Intelligent App and AOAI API with Identity provider. Create policies to validate issued identity JWT token.
- Create Managed Identity to authenticate with the backend AOAI, inbound policy for auth of the requests against AOAI service.
- Extending this architecture to other LLM Services and External IdPs.
Chapters
- 00:00 - Welcome and introductions
- 02:58 - Learning objectives
- 05:28 - Azure OpenAI auth impediments
- 09:02 - Scenario 1: Using external identity providers or different Microsoft Entra ID tenants
- 12:03 - Scenario 2: Managing access for multiple client applications with alternative Azure OpenAI credentials
- 15:46 - Scenario 3: Unified authentication across disparate generative AI services
- 17:55 - Successful outcome
- 19:19 - Solution: Establish user authorization and generative AI service authentication via an API gateway
- 24:56 - User authentication and authorization via an identity provider
- 26:56 - Demo: User auth using Microsoft Entra ID
- 43:16 - Validating user identity to grant authorization to generative AI services
- 52:29 - Demo: Validating user authorization to Azure OpenAI via Azure API Management
- 01:01:47 - Authenticating with Azure OpenAI using Managed Identity
- 01:04:03 - Authenticating with other generative AI services
- 01:08:34 - Demo: Authenticating with Azure OpenAI using Managed Identity via Azure API Management
- 01:20:34 - Summary and conclusion
Recommended resources
Related episodes
- Full series: Learn Live: FastTrack for Azure Season 3
Connect
- Bappaditya Banerjee | LinkedIn: /in/bappaditya-banerjee-8860ba7
- Lizet Pena De Sola | LinkedIn: /in/lizetp
- James Croft | LinkedIn: /in/jmcroft
Video URL
HTML iframe
Intermediate
AI Engineer
Developer
Microsoft Entra ID
Have feedback? Submit an issue here.