Forum Widgets
Latest Discussions
What service principal is used to authenticate Logic Apps to Azure resources?
This question is a bit more academic than practical, but I'm just trying to enhance my knowledge of how Azure authentication works under the hood. The default way to authenticate managed Logic Apps connections is through an OAuth popup asking you to grant permissions. Based on my reading of the Azure docs, this means that you're granting access to the delegated permissions of a service principal. For connectors that access the Graph API, such a service principal in your tenant with the correct delegated permissions: However, I'm struggling to find an equivalent service principal for connectors that use the Azure Resource Management API to interact with services like Log Analytics, sentinel, Logic Apps, etc. I do see a service principal called Azure Logic Apps, but it doesn't have any permissions associated with it. My understanding is that it would need to have the delegated permission user_impersonation to access Azure resources: So my questions here are What Service Principal is used for the OAuth connection to the Azure Resource Management API? If the Azure Logic Apps service principal is used, how is it able to connect to the ARM API without any permissions? Is there some Azure magic happening under the hood here?
Entra ID Service not running?
hello everyone, we get a notification on our email that the Entra ID Sync service is not running, while it is set to automatic. then 30 minutes later, at the next scheduled sync, it resolves itself. our event viewer shows 1 export error with event ID 6100, that was an user were the inheritance wasn't set up properly, we fixed that, but that did not fix the error in the title. we googled, but really only found "turn on your service and set it to automatic" which is not that helpful. i checked using AI, but that did not go anywhere either. "your internet might have been down" yeah thank you, if that was the case, we would have noticed a wider spread outage.. we thought it might be a throttling issue, but it happens at seemingly random times, so not only during daily start up. so we are kind of at a loss to how to properly fix this, any suggestions?Azure write back number of security sign in questions.
Hi I enabled SSPR 24 hours ago and checked the box security questions an hour ago. In my test accounts, I don't get prompt for any security questions. I only get prompted for i forgot password and verification steps. Do the security questions policy take a couple hours to apply?
Data Migration from azure devops serveer to new one
I have a problem in data migration from Azure DevOps server to the new one in my case, i have a split database on a different machine. So, I have two environments: each one contains a devops server and database in splitter machines i want to migrate the whole data from different tools to a new one and the problem is as the organization roles i do not have all administration privileges on databases and devops machines So, I want a determined way to get the whole data from the old one to the new one (especially privileges that are required to ask the admin to give me ) with clear stepsAzure OpenAI recipes for Azure API Management Service
I've just published a new post on my blog: Azure OpenAI recipes for Azure API Management Service. In this post, I cover various recipes for integrating Azure OpenAI with Azure API Management, including setting up backend resources, implementing throttling, round-robin calls, and generating reports. Check it out and let me know your thoughts! https://nicolgit.github.io/aoai-recipes-for-apim/Need a new feature in WAF v2 custom rule to process IPv6 address
I have created a custom rule to allow traffic based on the Geo Location. The rule was designed to check the location of the actual client IP coming in the Request Header and deny if it is from non-UK region. This rule blocked genuine request from UK region since the client IP was an IPv6 address. WAF custom rule has a limitation of processing IPv6 address. Configure Application Gateway with a frontend public IPv6 address using the Azure portal - Azure Application Gateway | Microsoft Learn Need this feature of processing IPv6 address in WAF custom rule.
Azure OpenAI Content Filter Result is always content_filter_error
I'm exploring blocklists as a solution for OpenAI not detecting sensitive words (specifically "wrist-cutting" in my local language (Cantonese) (to be fair not even Chinese AIs know the word) I have created a Blocklist with 1 entry: Term: [鎅𰾛𠝹]手 Type: Regex It can block inputs with ease: { "error": { "message": "The response was filtered due to the prompt triggering Azure OpenAI's content management policy. Please modify your prompt and retry. To learn more about our content filtering policies please read our documentation: https://go.microsoft.com/fwlink/?linkid=2198766", "type": null, "param": "prompt", "code": "content_filter", "status": 400, "innererror": { "code": "ResponsibleAIPolicyViolation", "content_filter_result": { "custom_blocklists": { "details": [ { "filtered": true, "id": "ChineseBlockList" } ], "filtered": true }, "hate": { "filtered": false, "severity": "safe" }, "profanity": { "filtered": false, "detected": false }, "self_harm": { "filtered": false, "severity": "safe" }, "sexual": { "filtered": false, "severity": "safe" }, "violence": { "filtered": false, "severity": "safe" } } } } } However, it cannot block outputs. { "choices": [ { "content_filter_result": { "error": { "code": "content_filter_error", "message": "The contents are not filtered" } }, "content_filter_results": {}, "finish_reason": "stop", "index": 0, "logprobs": null, "message": { "content": "𠝹手(也寫作“拍手”)是一種手部動作,通常是將雙手合攏並用力拍打在一起,發出聲音。這個動作常用於表達讚賞、鼓勵或慶祝,像是在演出結束後觀眾的掌聲,或是在某些活動中用來引起注意。𠝹手也可以用於節奏感的表達,像是在音樂中隨著節拍拍手。這個動作在許多文化中都有其獨特的意義和用途。", "refusal": null, "role": "assistant" } } ], "created": 1737702254, "id": "chatcmpl-At81eUTIzDkZPCKznSKr19YMJU1ud", "model": "gpt-4o-mini-2024-07-18", "object": "chat.completion", "prompt_filter_results": [ { "prompt_index": 0, "content_filter_results": { "custom_blocklists": { "filtered": false }, "hate": { "filtered": false, "severity": "safe" }, "profanity": { "filtered": false, "detected": false }, "self_harm": { "filtered": false, "severity": "safe" }, "sexual": { "filtered": false, "severity": "safe" }, "violence": { "filtered": false, "severity": "safe" } } } ], "system_fingerprint": "fp_5154047bf2", "usage": { "completion_tokens": 138, "completion_tokens_details": { "accepted_prediction_tokens": 0, "audio_tokens": 0, "reasoning_tokens": 0, "rejected_prediction_tokens": 0 }, "prompt_tokens": 34, "prompt_tokens_details": { "audio_tokens": 0, "cached_tokens": 0 }, "total_tokens": 172 } }
