Open Randerd opened 1 year ago
hophanms
commented
1 year ago You may need to edit app.py for below lines
# Comment these two lines out if using keys, set your API key in the OPENAI_API_KEY environment variable instead
openai.api_type = "azure_ad"
openai_token = azure_credential.get_token("https://cognitiveservices.azure.com/.default")
openai.api_key = openai_token.token
Murthy582
commented
1 year ago You may need to edit
app.pyfor below lines# Comment these two lines out if using keys, set your API key in the OPENAI_API_KEY environment variable instead openai.api_type = "azure_ad" openai_token = azure_credential.get_token("https://cognitiveservices.azure.com/.default") openai.api_key = openai_token.token
Not only these three lines, there are other references to openai_token in app.py, comment all those lines and refer it from environment variable if you have set OPENAI_API_KEY
helenaj18
commented
1 year ago I'm trying to run the demo locally. Everything builds and the webpage opens, But when I try to enter a chat I'm met with the error above. I've tried replacing the openai.app_key with the one provided but that just returns an Unauthorized error for some reason.
Has anyone managed to fix this issue? This is the error: openai.error.APIError: Invalid response object from API: '{ "statusCode": 401, "message": "Unauthorized. Access token is missing, invalid, audience is incorrect (https://cognitiveservices.azure.com), or have expired." }' (HTTP response code was 401)
The API key works if I make a simple chatCompletion, so I don't think it's an issue with the key itself.
petrovfedor
commented
1 year ago I use key1 as openai token and get the same error as @helenaj18 and @Randerd.
mogokhalifa
commented
1 year ago I had this issue and followed the steps from: https://learn.microsoft.com/en-us/azure/ai-services/openai/how-to/managed-identity to fix it.
connorwehrum
commented
1 year ago I had this issue and followed the steps from: https://learn.microsoft.com/en-us/azure/ai-services/openai/how-to/managed-identity to fix it.
I was able to get past the error mentioned in this post and am now getting: azure.core.exceptions.ClientAuthenticationError: Operation returned an invalid status 'Unauthorized'
Unfortunately, other issues that mention this problem for users trying to run the solution locally are unresolved. I will update if I find any new information but currently stuck.
Update: After speaking with @pamelafox, it was brought to my attention that there is a step I was missing when running locally. I was under the impression that I did not have to run azd up, but it is a required step and is in the readme. These resources (such as the storage account and cognitive search) are needed in order to run the solution which azd up deploys as well as taking care of some of the permissions issues such as what I and many were experiencing here. One of the steps it will run is a script found here which will update your account to have the necessary permissions to use managed identity with Azure OpenAI and the other services.
See #548 for more clarity on the readme.
azure-walker
commented
1 year ago Check the settings in the Cognitive Services Search Service. Go to Keys in the settings and see if API Key is selected. You can change the settings to RBAC or to Both
github-actions[bot]
commented
10 months ago This issue is stale because it has been open 60 days with no activity. Remove stale label or comment or this issue will be closed.
cforce
commented
1 month ago I have that issue not for local run/deployment but when executed regular on azure
I am wondering which service/user identity i used to access the search service and where and how the required roles are granted in bicep bor someone else, as the mentioned script is also needed to setup own user identity with that roles, but shall not be needed in cloud deploymnt where rbac is needed at least not when the python webapp spi has access to serach service via rbach roles, but how can i sure this are setup correctly? Where do find the spi id which used and shall i exepect the same roles in acess control of search service like the script manually sets for user indetities? Wher is thta done? In bicep? How to verify all is set correctly manually?
umarbutler
commented
2 weeks ago I solved this by using my Azure OpenAI API key directly with openai instead of via azure-identity (ie, from azure.identity import DefaultAzureCredential, get_bearer_token_provider).
Its worth noting that I followed Azure documentation to a T in setting up my environment and code, in particular, this tutorial. Seeing as there are 11 thumbs up of this issue, this issue would appear to be not a user error.
Minimal steps to reproduce
Any log messages given by the failure
OS and Version?
I'm trying to run the demo locally. Everything builds and the webpage opens, But when I try to enter a chat I'm met with the error above. I've tried replacing the openai.app_key with the one provided but that just returns an Unauthorized error for some reason.