
02/04/2026

Authenticating Azure Foundry OpenAI Using Managed Identity

In an earlier post we tested 30+ features of the various Azure Foundry OpenAI services.

Post: https://pratapreddypilaka.blogspot.com/2026/04/azure-ai-services-complete-guide-to.html

Most of that code kept the OpenAI service keys in an environment file, following common Python practice. That was done only for practice purposes, to get familiar with the OpenAI services and how to access them from Python code.

Saving access keys in code is the worst security blunder you can make. An access key bypasses all RBAC controls entirely and gives full access to the resource to anyone who holds it.

What are the ways to authenticate Azure Open AI services without exposing the keys?

  • System Assigned Managed Identity — Auto-created identity tied to an Azure resource (VM, App Service, Functions)
  • User Assigned Managed Identity — Standalone identity you create and attach to one or more Azure resources
  • Service Principal + Client Secret — App registration with a secret, works anywhere including on-prem
  • Service Principal + Certificate — Same as above but uses a certificate instead of secret, more secure
  • Azure CLI Credential — Uses the logged-in az login identity, ideal for local dev/testing
  • Interactive Browser Credential — Pops a browser login window, good for desktop tools
  • Device Code Credential — Prints a code to enter at a URL, useful for headless servers
  • DefaultAzureCredential — Tries multiple methods automatically in order, recommended for most cases
  • Workload Identity — Federated keyless auth for pods running in Azure Kubernetes Service (AKS)
  • Federated Identity Credential — Allows external IdPs like GitHub Actions or GitLab to authenticate without any secrets

Managed Identity is the preferred method for Azure workloads to access Open AI services.

In this article we will have a look at how we can authenticate using Managed Identity.

For this we need a VM on which we will enable a system-assigned managed identity.

I created a Linux VM and enabled the managed identity.

Now go to the Foundry resource, open Access control, and add a new role assignment for the managed identity created earlier, with the role "Cognitive Services OpenAI User".

Next, create the NSG rules that allow the VM to reach the OpenAI service. This is necessary if you are using a private endpoint for the OpenAI instance.

Log in to your virtual machine.

Now, in order to test the connectivity, I am installing Python and azure-identity.

# Python & pip
sudo apt update && sudo apt install python3-pip -y

# Required packages
pip3 install openai azure-identity

Once all the dependencies are installed, we will create a file with the below code.

from azure.identity import ManagedIdentityCredential
from openai import AzureOpenAI

# ── Config ──────────────────────────────────────────────
AZURE_OPENAI_ENDPOINT = "https://prata-mhl58p7n-eastus2.cognitiveservices.azure.com/"
DEPLOYMENT_NAME       = "gpt-5-chat"   # your deployment name, e.g. gpt-4o
API_VERSION           = "2024-02-01"
# ────────────────────────────────────────────────────────

# 1. Obtain a token via Managed Identity (no keys!)
#    The VM's system-assigned identity must hold "Cognitive Services OpenAI User".
credential = ManagedIdentityCredential()
token       = credential.get_token("https://cognitiveservices.azure.com/.default")

# 2. Build AzureOpenAI client using the bearer token
#    Note: the token is fetched once here and expires (see token.expires_on);
#    a long-running process should refresh it, or pass azure_ad_token_provider instead.
client = AzureOpenAI(
    azure_endpoint = AZURE_OPENAI_ENDPOINT,
    api_version    = API_VERSION,
    azure_ad_token = token.token,       # <-- token-based, not key-based
)

# 3. Call the model
response = client.chat.completions.create(
    model    = DEPLOYMENT_NAME,
    messages = [
        {"role": "system", "content": "You are a helpful assistant."},
        {"role": "user",   "content": "Hello! Tell me more about Managed identity authentication without using access keys for Azure Open AI"}
    ]
)

print("✅ Response:", response.choices[0].message.content)

Now run the Python file: python3 chat.py

You will get the response from your gpt-5-chat model, without using access keys.
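The script above requests one token at start-up and reuses it, so it stops working once the token expires, and it is hard-wired to the VM's managed identity, so it cannot be run on a developer laptop. The following is an added example, not code from the post, showing how to cover both points: a token provider that caches the bearer token and refreshes it shortly before expiry (the same job azure.identity.get_bearer_token_provider does), handed to the client through azure_ad_token_provider, and a credential chooser that uses ManagedIdentityCredential on Azure compute and falls back to DefaultAzureCredential (az login and friends from the list above) elsewhere. The environment variables AZURE_OPENAI_USE_MANAGED_IDENTITY, AZURE_OPENAI_ENDPOINT and AZURE_OPENAI_DEPLOYMENT are assumptions of this example; the Azure and openai packages are imported lazily so the refresh logic can be exercised with a fake credential.

```python
import os
import time
from dataclasses import dataclass
from typing import Callable, Optional, Protocol

# Entra ID scope for Azure OpenAI (the same scope the page's script requests).
COGNITIVE_SERVICES_SCOPE = "https://cognitiveservices.azure.com/.default"

# Refresh when fewer than this many seconds of validity remain.
REFRESH_MARGIN_SECONDS = 300


@dataclass
class SimpleAccessToken:
    """Shape of what azure.identity credentials return from get_token()."""
    token: str
    expires_on: float  # Unix epoch seconds


class TokenCredential(Protocol):
    def get_token(self, *scopes: str) -> SimpleAccessToken: ...


def make_refreshing_token_provider(
    credential: TokenCredential,
    scope: str = COGNITIVE_SERVICES_SCOPE,
    now: Callable[[], float] = time.time,
) -> Callable[[], str]:
    """Return a zero-argument callable that always yields a currently valid token.

    The token is cached and replaced once it is within REFRESH_MARGIN_SECONDS of
    expiry. `now` is injectable so the refresh logic can be tested with a fake clock.
    """
    cache: dict = {}

    def provider() -> str:
        tok = cache.get("tok")
        if tok is None or tok.expires_on - now() < REFRESH_MARGIN_SECONDS:
            tok = credential.get_token(scope)
            cache["tok"] = tok
        return tok.token

    return provider


def choose_credential(user_assigned_client_id: Optional[str] = None):
    """Managed identity on Azure compute, DefaultAzureCredential everywhere else.

    AZURE_OPENAI_USE_MANAGED_IDENTITY is an assumption of this example, not an
    Azure SDK setting.
    """
    from azure.identity import DefaultAzureCredential, ManagedIdentityCredential

    if os.getenv("AZURE_OPENAI_USE_MANAGED_IDENTITY", "1") == "1":
        if user_assigned_client_id:
            # A user-assigned identity is selected by its client ID.
            return ManagedIdentityCredential(client_id=user_assigned_client_id)
        return ManagedIdentityCredential()  # system-assigned identity of this VM
    # Local development: walks the credential chain (environment, az login, ...);
    # no secret is stored in the code or in a .env file.
    return DefaultAzureCredential()


def build_client():
    """AzureOpenAI client that is never given an API key."""
    from openai import AzureOpenAI

    provider = make_refreshing_token_provider(choose_credential())
    return AzureOpenAI(
        azure_endpoint=os.environ["AZURE_OPENAI_ENDPOINT"],
        api_version="2024-02-01",
        azure_ad_token_provider=provider,  # invoked by the client before each request
    )


if __name__ == "__main__":
    client = build_client()
    reply = client.chat.completions.create(
        model=os.environ["AZURE_OPENAI_DEPLOYMENT"],  # e.g. gpt-5-chat
        messages=[{"role": "user", "content": "Confirm you were reached without an API key."}],
    )
    print(reply.choices[0].message.content)
```

On the VM, run it with AZURE_OPENAI_ENDPOINT and AZURE_OPENAI_DEPLOYMENT exported; on a laptop set AZURE_OPENAI_USE_MANAGED_IDENTITY=0 after az login. Either way the RBAC assignment on the Foundry resource is what grants access, and revoking it takes effect at the next token refresh rather than requiring a key rotation.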

Azure AI Services - A Complete Guide to Building Intelligent Applications with Azure AI Foundry

A while ago I started exploring Azure AI Foundry and ended up going down a rabbit hole of 30+ implementations covering everything from GPT-5 chat to live speech transcription. In this post I will walk you through all the major Azure AI services, what they do, how to implement them, and when to use them — so you don't have to figure it all out the hard way like I did.

You can download the git repo, put your Azure OpenAI Service keys in a .env file, and run the samples as we go along.

Our objective is to understand the complete Azure AI Services ecosystem and how you can combine them to build enterprise-grade intelligent applications.


Azure OpenAI - GPT-5 Chat, Vision and Code

This is where most people start, and for good reason. Azure OpenAI gives you access to GPT-5 with enterprise-grade security, regional deployment and SLAs — unlike calling OpenAI directly.

The basic setup is straightforward. You initialize an AzureOpenAI client with your endpoint and API key, define a system role (something like "you are a helpful travel assistant"), pass in user messages and configure temperature and top_p for response behavior. That's it, you are doing conversational AI.

from openai import AzureOpenAI
from dotenv import load_dotenv
import os

# Load AZURE_OPENAI_ENDPOINT and AZURE_OPENAI_KEY from the .env file
# (keep .env out of version control)
load_dotenv()
client = AzureOpenAI(
    azure_endpoint=os.getenv("AZURE_OPENAI_ENDPOINT"),
    api_key=os.getenv("AZURE_OPENAI_KEY"),
    api_version="2024-12-01-preview"
)

What makes it more interesting is Vision. You can encode an image to base64, pass it as image_url in the message content, and GPT-5 will analyze and explain it — diagrams, screenshots, anything. I used this for code explanation too. Point it at a source file with a "you are a teacher" system prompt and let it stream the explanation back. Really useful for documentation generation and code reviews.
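As an added example (not the post's own code), here is the message construction the paragraph describes, with the checks you want before pointing a model at "anything": the file is sniffed by magic bytes so only real images are embedded, the size is capped, and the image goes in as a base64 data URL under an image_url content part next to the text question. The 4 MiB cap and the "you are a teacher" system prompt are assumptions; send_for_analysis() needs a configured client and is not exercised offline.

```python
import base64
from typing import Dict, List

MAX_IMAGE_BYTES = 4 * 1024 * 1024  # assumption: largest image we are willing to upload

# Magic-byte signatures for the image formats we allow.
_SIGNATURES = {
    b"\x89PNG\r\n\x1a\n": "image/png",
    b"\xff\xd8\xff": "image/jpeg",
    b"GIF87a": "image/gif",
    b"GIF89a": "image/gif",
    b"RIFF": "image/webp",  # RIFF....WEBP; the WEBP tag is checked below
}


def sniff_mime(data: bytes) -> str:
    """Return the MIME type from the leading bytes; reject anything that is not an image."""
    for sig, mime in _SIGNATURES.items():
        if data.startswith(sig):
            if mime == "image/webp" and data[8:12] != b"WEBP":
                continue
            return mime
    raise ValueError("not a supported image (png/jpeg/gif/webp)")


def image_to_data_url(data: bytes, max_bytes: int = MAX_IMAGE_BYTES) -> str:
    """Base64-encode an image as a data URL after validating type and size."""
    if len(data) > max_bytes:
        raise ValueError(f"image is {len(data)} bytes, limit is {max_bytes}")
    mime = sniff_mime(data)
    return f"data:{mime};base64,{base64.b64encode(data).decode('ascii')}"


def build_vision_messages(
    image: bytes,
    question: str,
    system_prompt: str = "You are a teacher. Explain what you see clearly and briefly.",
) -> List[Dict]:
    """Chat messages with the image inlined as an image_url content part."""
    return [
        {"role": "system", "content": system_prompt},
        {
            "role": "user",
            "content": [
                {"type": "text", "text": question},
                {"type": "image_url", "image_url": {"url": image_to_data_url(image)}},
            ],
        },
    ]


def send_for_analysis(client, deployment: str, image: bytes, question: str) -> str:
    """Send the image to an AzureOpenAI client (network call; not run in the test)."""
    resp = client.chat.completions.create(
        model=deployment, messages=build_vision_messages(image, question)
    )
    return resp.choices[0].message.content


# Constructed sample: a PNG signature followed by filler, enough for the sniffer.
SAMPLE_PNG = b"\x89PNG\r\n\x1a\n" + bytes(16)

if __name__ == "__main__":
    msgs = build_vision_messages(SAMPLE_PNG, "What does this diagram show?")
    print(msgs[1]["content"][1]["image_url"]["url"][:40] + "...")
```

Read the file with open(path, "rb") and pass the bytes to send_for_analysis(); for a source file rather than an image, send it as plain text in the user message instead of through this path, which only accepts images.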

Chat Output:


Image Reading Output: