The Future of AI: Evaluating and optimizing custom RAG agents using Azure AI Foundry
This blog post explores best practices for evaluating and optimizing Retrieval-Augmented Generation (RAG) agents using Azure AI Foundry. It introduces the RAG triad metrics—Retrieval, Groundedness, and Relevance—and demonstrates how to apply them using Azure AI Search and agentic retrieval for custom agents. Readers will learn how to fine-tune search parameters, use end-to-end evaluation metrics and golden retrieval metrics like XDCG and Max Relevance, and leverage Azure AI Foundry tools to build trustworthy, high-performing AI agents.The Future of AI: Harnessing AI agents for Customer Engagements
Discover how AI-powered agents are revolutionizing customer engagement—enhancing real-time support, automating workflows, and empowering human professionals with intelligent orchestration. Explore the future of AI-driven service, including Customer Assist created with Azure AI Foundry.The Future of AI: Autonomous Agents for Identifying the Root Cause of Cloud Service Incidents
Discover how Microsoft is transforming cloud service incident management with autonomous AI agents. Learn how AI-enhanced troubleshooting guides and agentic workflows are reducing downtime and empowering on-call engineers.
Securely Build and Manage Agents in Azure AI Foundry
Agents are transforming the way the world works, ushering in a new age of automation, efficiency, and exceptional customer experiences. These intelligent systems are revolutionizing industries, evolving from task-specific chatbots into interconnected networks of specialized agents capable of handling complex processes and adapting seamlessly to dynamic environments. But to deploy AI agents responsibly and at scale, businesses must have confidence in the underlying platform—specifically, assurance that all agent activity and customer data is secure and fully under their control. We specifically designed the new Foundry Agent Service’s standard agent setup with these requirements in mind and prioritized building new observability, evaluation, and security features. We’re also excited to introduce support for Bring Your Own (BYO) Thread Storage with Azure Cosmos DB for NoSQL as a core component of the standard agent setup. With this update, all Foundry projects created using the Standard Agent Setup will use customer managed, single tenant resources to store all customer data processed by the service. Built-in Enterprise Readiness with Foundry Agent Service Standard Setup Azure AI Foundry Agent Service offers three setup modes designed to meet you where you are—whether you're a fast-moving startup or an enterprise with strict security and compliance needs: Basic Setup: Ideal for rapid prototyping and getting started quickly, this mode uses platform-managed storage and is compatible with OpenAI Assistants. It also supports non-OpenAI models and integrates with new tools like Azure AI Search, Bing Grounding, Azure Functions, and more. Standard with Public Networking: Includes the same model and tool support as Basic Setup but gives you fine-grained control over your data by using your own Azure resources. Standard with Private Networking: Extends the Standard Setup by adding support for Bring Your Own Virtual Network (BYO VNet), enabling full network isolation and strict control over data exfiltration. Just like traditional applications, agents are stateful and require persistent storage to retain information across interactions. Azure AI Foundry Agent Service’s standard agent setup is designed for enterprise customers, and by default, requires: BYO File Storage: All files uploaded by developers (during agent configuration) or end-users (during interactions) are stored directly in the customer’s Azure Storage account. BYO Search: All vector stores created by the agent leverage the customer’s Azure AI Search resource. BYO Thread Storage: All customer messages and conversation history will be stored in the customer’s own Azure Cosmos DB account. Project-Level Data Isolation Standard setup enforces project-level data isolation by default. Two blob storage containers will automatically be provisioned in your storage account, one for files and one for intermediate system data (chunks, embeddings) and three containers will be provisioned in your Cosmos DB, one for user systems, one for system messages, and one for user inputs related to created agents such as their instructions, tools, name, etc. This default behavior was chosen to reduce setup complexity while still enforcing strict data boundaries between projects. Private Network Isolation Standard setup supports private network isolation through custom virtual network support with subnet delegation. This gives you full control over the inbound and outbound communication paths for your agent. You can restrict access to only the resources explicitly required by your agent, such as storage accounts, databases, or APIs, while blocking all other traffic by default. This approach ensures that your agent operates within a tightly scoped network boundary, reducing the risk of data leakage or unauthorized access. By default, this setup simplifies security configuration while enforcing strong isolation guarantees—ensuring that each agent deployment remains secure, compliant, and aligned with enterprise networking policies. New Foundry Resource Provider The new Foundry resource type introduces a unified management experience for agents, models, evaluations, and finetuning under a single Azure resource provider namespace. We understand the need for interconnectivity between all our offerings across AI Foundry and want to provide you with the core building blocks to use them together seamlessly. The consolidation enables administrators to apply all enterprise promises to not just agents-but all AI capabilities in your Foundry project. A few of these enterprise promises include: New built-in RBAC roles provide up-to-date role definitions to help admins differentiate access between Administrator, Project Manager and Project Users. Customer managed keys enable enterprises to bring their own encryption keys for securing sensitive agent data, ensuring compliance with internal security policies and regulatory requirements while maintaining full control over data access and lifecycle. Additionally, the new Foundry API, designed from the ground up for agentic applications, allows developers to build and evaluate across model providers using a consistent, API-first interface—further simplifying integration and accelerating development. These enhancements empower developers to accelerate experimentation and time-to-market, while giving IT admins a self-serve platform to manage agents, models, and Azure integrations cohesively. Why Should You Trust Foundry Agents? Ensuring Robust Agent Evaluation and Monitoring (AgentOps) Building trustworthy AI agents requires insight into agent decision-making processes. Azure AI Foundry Agent Services provides a comprehensive set of AgentOps tools that offer deep visibility into every stage of agent execution, enabling faster iteration, streamlined debugging, and effective evaluation. These tools include: Built-in evaluation tools allow developers to measure agent accuracy, task adherence, and overall performance under real-world conditions. This proactive approach highlights gaps and optimizes agent behavior, ensuring readiness for mission-critical tasks. Integrated OpenTelemetry-based tracing offers detailed insights into data flows, intermediate steps, and function calls during agent processes. This capability helps identify performance bottlenecks and refine workflows, ensuring seamless integration within enterprise systems. Monitoring and reporting dashboards, including Azure Monitor and Aspire, provide real-time tracking of key metrics such as response time, error rates, and task completion, enabling businesses to address issues promptly. Together, these capabilities establish a strong foundation for building secure, reliable, and scalable agentic systems. Our goal is to equip you with the tools to take your agentic applications from experimentation to production—confidently and responsibly. Strengthening Security with Entra Agent ID We are announcing the public preview of Microsoft Entra Agent ID, a new capability designed to bring enterprise-grade identity and access management to AI agents built with Azure AI Foundry and Microsoft Copilot Studio. Microsoft Entra Agent ID is the first step in managing agent identities in your organization, giving you full visibility and control over what your AI agents can do. Each agent created through Foundry Agent Service or Copilot Studio is automatically assigned a unique, first-class identity. This means your AI agents receive the same identity management as human users. They appear in your Microsoft Entra directory, allowing you to set access controls and permissions for each agent. With Entra Agent ID, organizations can: View and manage their full inventory of AI agents in one place Assign and enforce least-privilege access policies Audit agent behavior and lifecycle activity Reduce permission sprawl and limit unnecessary access Remove or restrict agents when appropriate Soon, security administrators will also be able to apply Conditional Access policies, multi-factor authentication, and role-based access controls to agents. Agent sign-in activity will be fully auditable, and agents that attempt to access unauthorized resources will be blocked just like a regular user would. Agent ID is integrated with Microsoft Defender and Microsoft Purview, enabling consistent security and compliance policies across human and non-human identities. This new capability lays the foundation for broader protection and management of digital labor as AI adoption continues to grow. Built-in Governance and Safety As organizations build agents robust safety and governance controls are essential to ensuring responsible AI behavior. Microsoft is announcing several new capabilities designed to help teams address emerging risks such as prompt injection attacks, privacy violations, and agent drift from intended tasks. These guardrails and controls are seamlessly integrated into the agent service, powered by Azure AI Content Safety. At Build, we are introducing three critical advancements: Spotlighting in Prompt Shields: Enhances the ability to separate intended user instructions from potentially malicious or untrusted content, such as information pulled from documents or websites. This separation helps reduce the risk of cross prompt injection attacks. PII Detection: Adds new data protection capabilities, powered by Azure AI Language, that automatically detect and redact PII, PHI, and other sensitive information from unstructured text. This helps safeguard privacy and reduce the risk of data exposure in AI outputs. Task Adherence: Control to detect when an agent strays from user intent. Deviations can be blocked or escalated, helping agents follow instructions and stay within approved boundaries. Conclusion The future of AI depends on trust and collaboration—only with both can scalable systems truly redefine workflows and unlock groundbreaking solutions. Azure AI Foundry is empowering organizations to step boldly into this future, unlocking the limitless possibilities of AI agents to shape a smarter, more connected world. Whether you're deploying an agent to deliver personalized shopping recommendations or to process confidential legal documents, each use case requires a different level of security, access control, and system safeguards. That’s why we’ve built transparency and control into the foundation of our platform—so you can tailor your deployment to match your specific risk profile and operational needs. Get started today by deploying one of our one-click “Deploy to Azure” ARM templates. What’s Next? Build your first network secured Agent through ARM template Explore the documentation to learn more about Azure AI Foundry Agent Service Start building your agents today in Azure AI Foundry Watch our Foundry Agent Service breakout session at BuildBuild recap: new Azure AI Foundry resource, Developer APIs and Tools
At Microsoft Build 2025, we introduced Azure AI Foundry resource, Azure AI Foundry API, and supporting tools to streamline the end-to-end development lifecycle of AI agents and applications. These capabilities are designed to help developers accelerate time-to-market; support production-scale workloads with scale and central governance; and support administrators with a self-serve capability to enable their teams’ experimentation with AI in a controlled environment. The Azure AI Foundry resource type unifies agents, models and tools under a single management grouping, equipped with built-in enterprise-readiness capabilities — such as tracing & monitoring, agent and model-specific evaluation capabilities, and customizable enterprise setup configurations tailored to your organizational policies like using your own virtual networks. This launch represents our commitment to providing organizations with a consistent, efficient and centrally governable environment for building and operating the AI agents and applications of today, and tomorrow. New platform capabilities The new Foundry resource type evolves our vision for Azure AI Foundry as a unified Azure platform-as-a-service offering, enabling developers to focus on building applications rather than managing infrastructure, while taking advantage of native Azure platform capabilities like Azure Data and Microsoft Defender. Previously, Azure AI Foundry portal’s capabilities required the management of multiple Azure resources and SDKs to build an end-to-end application. New capabilities include: Foundry resource type enables administrators with a consistent way of managing security and access to Agents, Models, Projects, and Azure tooling Integration. With this change, Azure Role Based Access Control, Networking and Policies are administered under a single Azure resource provider namespace, for streamlined management. ‘Azure AI Foundry’ is a renaming of the former ‘Azure AI Services’ resource type, with access to new capabilities. While Azure AI Foundry still supports bring-your-own Azure resources, we now default to a fully Microsoft-managed experience, making it faster and easier to get started. Foundry projects are folders that enable developers to independently create new environments for exploring new ideas and building prototypes, while managing data in isolation. Projects are child resources; they may be assigned their own admin controls but by default share common settings such as networking or connected resource access from their parent resource. This principle aims to take IT admins out of the day-to-day loop once security and governance are established at the resource level, enabling developers to self-serve confidently within their projects. Azure AI Foundry API is designed from the ground up, to build and evaluate API-first agentic applications, and lets you work across model providers agnostically with a consistent contract. Azure AI Foundry SDK wraps the Foundry API making it easy to integrate capabilities into code whether your application is built in Python, C#, JavaScript/TypeScript or Java. Azure AI Foundry for VS Code Extension complements your workflow with capabilities to help you explore models, and develop agents and is now supported with the new Foundry project type. New built-in RBAC roles provide up-to-date role definitions to help admins differentiate access between Administrator, Project Manager and Project users. Foundry RBAC actions follow strict control- and data plane separation, making it easier to implement the principle of least privilege. Why we built these new platform capabilities If you are already building with Azure AI Foundry -- these capabilities are meant to simplify platform management, enhance workflows that span multiple models and tools, and reinforce governance capabilities, as we see AI workloads grow more complex. The emergence of generative AI fundamentally changed how customers build AI solutions, requiring capabilities that span multiple traditional domains. We launched Azure AI Foundry to provide a comprehensive toolkit for exploring, building and evaluating this new wave of GenAI solutions. Initially, this experience was backed by two core Azure services -- Azure AI Services for accessing models including those from OpenAI, and Azure Machine Learning’s hub, to access tools for orchestration and customization. With the emergence of AI agents composing models and tools; and production workloads demanding the enforcement of central governance across those, we are investing to bring the management of agents, models and their tooling integration layer together to best serve these workload’s requirements. The Azure AI Foundry resource and Foundry API are purposefully designed to unify and simplify the composition and management of core building blocks of AI applications: Models Agents & their tools Observability, Security, and Trust In this new era of AI, there is no one-size-fits-all approach to building AI agents and applications. That's why we designed the new platform as a comprehensive AI factory with modular, extensible, and interoperable components. Foundry Project vs Hub-Based Project Going forward, new agents and model-centric capabilities will only land on the new Foundry project type. This includes access to Foundry Agent Service in GA and Foundry API. While we are transitioning to Azure AI Foundry as a managed platform service, hub-based project type remains accessible in Azure AI Foundry portal for GenAI capabilities that are not yet supported by the new resource type. Hub-based projects will continue to support use cases for custom model training in Azure Machine Learning Studio, CLI and SDK. For a full overview of capabilities supported by each project type, see this support matrix. Azure AI Foundry Agent Service The Azure AI Foundry Agent Service experience, now generally available, is powered by the new Foundry project. Existing customers exploring the GA experience will need the new AI Foundry resource. All new investments in the Azure AI Foundry Agent Service are focused on the Foundry project experience. Foundry projects act as secure units of isolation and collaboration — agents within a project share: File storage Thread storage (i.e. conversation history) Search indexes You can also bring your own Azure resources (e.g., storage, bring-your-own virtual network) to support compliance and control over sensitive data. Start Building with Foundry Azure AI Foundry is your foundation for scalable, secure, and production-grade AI development. Whether you're building your first agent or deploying a multi-agent workforce at Scale, Azure AI Foundry is ready for what’s next.
The Future of AI: Developing Code Assist – a Multi-Agent Tool
Discover how Code Assist, created with Azure AI Foundry Agent Service, uses AI agents to automate code documentation, generate business-ready slides, and detect security risks in large codebases—boosting developer productivity and project clarity.Introducing AzureImageSDK — A Unified .NET SDK for Azure Image Generation And Captioning
Hello 👋 I'm excited to share something I've been working on — AzureImageSDK — a modern, open-source .NET SDK that brings together Azure AI Foundry's image models (like Stable Image Ultra, Stable Image Core), along with Azure Vision and content moderation APIs and Image Utilities, all in one clean, extensible library. While working with Azure’s image services, I kept hitting the same wall: Each model had its own input structure, parameters, and output format — and there was no unified, async-friendly SDK to handle image generation, visual analysis, and moderation under one roof. So... I built one. AzureImageSDK wraps Azure's powerful image capabilities into a single, async-first C# interface that makes it dead simple to: 🎨 Inferencing Image Models 🧠 Analyze visual content (Image to text) 🚦 Image Utilities — with just a few lines of code. It's fully open-source, designed for extensibility, and ready to support new models the moment they launch. 🔗 GitHub Repo: https://github.com/DrHazemAli/AzureImageSDK Also, I've posted the release announcement on the https://github.com/orgs/azure-ai-foundry/discussions/47 👉🏻 feel free to join the conversation there too. The SDK is available on NuGet too. Would love to hear your thoughts, use cases, or feedback!The Future of AI: Computer Use Agents Have Arrived
Discover the groundbreaking advancements in AI with Computer Use Agents (CUAs). In this blog, Marco Casalaina shares how to use the Responses API from Azure OpenAI Service, showcasing how CUAs can launch apps, navigate websites, and reason through tasks. Learn how CUAs utilize multimodal models for computer vision and AI frameworks to enhance automation. Explore the differences between CUAs and traditional Robotic Process Automation (RPA), and understand how CUAs can complement RPA systems. Dive into the future of automation and see how CUAs are set to revolutionize the way we interact with technology.The Future of AI: Harnessing AI for E-commerce - personalized shopping agents
Explore the development of personalized shopping agents that enhance user experience by providing tailored product recommendations based on uploaded images. Leveraging Azure AI Foundry, these agents analyze images for apparel recognition and generate intelligent product recommendations, creating a seamless and intuitive shopping experience for retail customers.
