Prerequisites
- A Microsoft Entra ID application registered in your Azure tenant
- Azure OpenAI or Azure AI Foundry resource deployed
Azure Configuration
Get Application Details from Entra ID
Navigate to Azure Portal > Microsoft Entra ID >
App registrations and select your application.From the Overview page, note the following values:
- Application (client) ID
- Directory (tenant) ID
Create a Client Secret
In your app registration, navigate to Certificates & secrets > Client secrets >
New client secret.Provide a Description and choose an Expires duration, then click Add.
Assign RBAC Role to App Registration
Navigate to your Azure resource > Access control (IAM) > Add role assignment.
- Azure OpenAI
- Azure AI Foundry
Assign Cognitive Services OpenAI User role to your app registration.Learn more about Azure OpenAI RBAC
Role assignments may take a few minutes to propagate.
TrueFoundry Configuration
Add Provider Account with Client Secret Authentication
Navigate to AI Gateway > Models and select your provider (Azure OpenAI or Azure AI Foundry).Click Add Account and select Azure Entra client secret based auth. Fill in the following:
| Field | Description |
|---|---|
| Tenant ID | Directory (tenant) ID from app registration overview |
| Client ID | Application (client) ID from app registration overview. You can also use a TrueFoundry Secret here. |
| Client Secret | The client secret Value you copied from Azure. You can also use a TrueFoundry Secret here. |
For Azure AI Foundry, client secret authentication is configured at the model level,
not the account level.
Add Models and Test
Add your models as described in the Azure OpenAI or
Azure AI Foundry documentation.Test the connection using the Playground to verify authentication works.