Closed clarked-msft closed 1 month ago
can you wrap the token in a Azure.Core.TokenCredential
object?
var config = new AzureAISearchConfig { Auth = AzureAISearchConfig.AuthTypes.ManualTokenCredential };
TokenCredential token = new ...;
config.SetCredential(token);
var memory = new KernelMemoryBuilder().WithAzureAISearchMemoryDb(config).Build();
or you could use Managed Identities:
var config = new AzureAISearchConfig { Auth = AzureAISearchConfig.AuthTypes.AzureIdentity };
var memory = new KernelMemoryBuilder().WithAzureAISearchMemoryDb(config).Build();
If you use a managed identity, you should be able to configure which identity in your deployment, without the need to configure the client/tenant ID/audience in KM:
AzureIdentity
(second snippet above)
Context / Scenario
I'm using AI Search as the DataIngestion MemoryDb in AzureUSGovernmentCloud. I'd like to use AzureIdentity auth but I do not see a way to pass the correct token audience to the search client.
What happened?
A token is requested with scope appropriate for commerical, which does not work in gov cloud.
Importance
a fix would make my life easier
Platform, Language, Versions
dotnet
Relevant log output
No response