Principle:Microsoft Agent framework Azure Chat Client Configuration
| Knowledge Sources | |
|---|---|
| Domains | AI_Infrastructure, Azure, Agent_Architecture |
| Last Updated | 2026-02-11 17:00 GMT |
Overview
A configuration pattern that establishes authenticated connections to Azure-hosted OpenAI deployments using Azure Active Directory credentials or API keys.
Description
Azure Chat Client Configuration extends the general chat client pattern with Azure-specific authentication and deployment mechanisms. It supports two creation paths: (1) direct Azure OpenAI endpoint connection with API key or Azure AD token, and (2) Azure AI Foundry project endpoint connection via an AIProjectClient. This principle addresses the enterprise requirement for managed identity authentication, regional deployment targeting, and integration with Azure's security and compliance infrastructure.
Usage
Use this principle when deploying agents in Azure environments where you need managed identity authentication (via TokenCredential or AzureCliCredential), Azure AD-based access control, or connection through Azure AI Foundry projects. This is the recommended approach for production enterprise deployments where direct OpenAI API access is not available or not permitted.
Theoretical Basis
Azure Chat Client Configuration layers Azure-specific concerns on top of the provider abstraction:
# Two creation paths (pseudocode)
# Path 1: Direct Azure OpenAI
client = AzureOpenAIResponsesClient(
endpoint=azure_endpoint,
credential=AzureCliCredential(),
deployment_name=deployment,
)
# Path 2: Via Foundry Project
client = AzureOpenAIResponsesClient(
project_endpoint=foundry_url,
credential=credential,
)
Both paths produce a client implementing SupportsChatGetResponse, identical in behavior to the OpenAI client from the agent's perspective.