Closed BlauerPulli closed 1 year ago
@trrwilson, do you know if this setup is intended to work with Identity? Or is using an APIKey the only way it works?
Thanks for the tag, @richardpark-msft ! @BlauerPulli -- thank you for the detailed description and it's certainly nothing on your end; the Use Your Data feature (via the underlying /extensions/chat/completions
REST route) currently only handles linked resource authentication via API key use. Incorporating other authentication options is something the feature team is actively investigating and, while we can't yet put an ETA in writing, we're optimistic it'll be "soon."
Hey @trrwilson, thanks for the answer. It's nice to hear that this will coming soon!
Bug report
v0.3.0
v1.3.1
1.21
Hey, i am using my gpt model deployed in a azure openai instance via DefaultAzureCredential mechanism from the azidentity package which works very well with my local az login + managed identity of the hosted application. If i now extend the chatcompletions request with options for using my cognitive search index it only works if i add the required marked search key. This shouldn't be the case if the authentication workflow for the whole openai client works properly. To exclude azure rbac issues i assigned the openai instances identity also owner permissions over the resource group that contains the whole setup.
Additional Info (not really know if this is helpful here): Found the cognitive search setting API access control under Keys to which was per default
API keys
. It dropped this error:Invalid AzureCognitiveSearch configuration detected: Azure Search Error: 403, message='Server responded with status 403. Error message: ', url=URL('<instance-url>/indexes/<index-name>?api-version=2021-04-30-Preview')\nServer responded with status 403.
Switch it to
Both
this error message appears:Error with API access control is: Gateway cannot authenticate upstream services. Please contact Microsoft for help.
Thanks in advance for your help!