Join us in July for Securing AI Apps on Azure!

Join us in July for Securing AI Apps on Azure!

Join us in July for a series of free live-streams sharing best practices for securing your AI apps on Azure. You'll learn about managed identity (keyless authentication), user sign-in with Microsoft Entra (for both internal and public-facing apps), data access control for RAG apps, and deployment of a RAG app to a fully private network.


Check out the session details below, or register for the entire series now. And don't worry, if you miss a session, you can catch up on the YouTube recording after.


Using Keyless Auth with Azure AI Services

July 2nd, 2024

5:00 PM - 6:00 PM (UTC)

Ready to go keyless and never worry about compromised keys again? All the Azure AI services support keyless authentication using role-based access control, making it possible for you to authenticate to the services with either your logged in local user identity or your deployed app's managed identity. We'll show you how to use keyless authentication with Azure OpenAI, demonstrating how to set up the access controls in the Portal, with the Azure CLI, or with infrastructure-as-code (Bicep). Then we'll connect to that Azure OpenAI service in our application code, using both the OpenAI SDK and the popular Langchain SDK. Our examples will be in Python, but you can use keyless auth with most modern OpenAI packages. Join us to go keyless today! Part of our Reactor series on Securing AI Apps on Azure!


Add User Login to AI Apps using Built-in Auth

July 8, 2024

5:00 PM - 6:00 PM (UTC)

Building an AI app on Azure and want to know the easiest way to let users sign-in? We'll show you how to setup built-in authentication on Azure App Service and Azure Container Apps. With built-in auth, employees can sign-in to either a workforce tenant or, thanks to Entra External ID, consumers can sign-in with a one-time passcode, username/password, or Google/Facebook login. Then your Azure app can display user details like their name, with minimal code changes. We'll demonstrate how to setup built-in auth to your apps using either the Graph SDK and the newly released Graph Bicep provider, and provide links to samples with full code provided. 


Add User Login to AI Apps using MSAL SDK

July 9, 2024

7:00 PM - 8:00 PM (UTC)

Need a user sign-in feature for your AI app? We'll show you how to setup an OAuth2 OIDC flow in Python using the the MSAL SDK with the open source identity package. You can use this approach to either enable employees to sign-in to a workforce tenant or, thanks to Entra External ID, let customers sign-in with a one-time passcode, username/password, or Google/Facebook login. Then your app can use user details from the Graph SDK, like their name and email. We'll also demonstrate how to automate the creation of Microsoft Entra applications using the Graph SDK. 


Handling User Auth for a SPA App on Azure

July 10, 2024

7:00 PM - 8:00 PM (UTC)

Many modern web applications use a SPA architecture: a single-page web app for the frontend and an API for the backend. In this talk, we'll discover how you can add user authentication to a SPA app using Microsoft Entra, using the MSAL.JS SDK on the frontend and the MSAL Python SDK on the backend. Learn how to set up Entra applications correctly, one for the client and one for the server, and how to use the on-behalf-of-flow on the server for handling tokens sent from the client. Our example application will be an AI RAG application with a React frontend and Python backend, but you can apply the same principles to any SPA applications that need user authentication. 


Data Access Control for AI RAG Apps on Azure

July 17, 2024

7:00 PM - 8:00 PM (UTC)

If you're trying to get an LLM to accurately answer questions about your own documents, you need RAG: Retrieval Augmented Generation. With a RAG approach, the app first searches a knowledge base for relevant matches to a user's query, then sends the results to the LLM along with the original question. What if you have documents that should only be accessed by a subset of your users, like a group or a single user? Then you need data access controls to ensure that document visibility is respected during the RAG flow. In this session, we'll show an approach using Azure AI Search with data access controls to only search the documents that can be seen by the logged in user. We'll also demonstrate a feature for user-uploaded documents that uses data access controls along with Azure Data Lake Storage Gen2. 


Deploying an AI App to a Private Network on Azure

July 25, 2024

11:00 PM - 12:00 AM (UTC)

To ensure that your AI app can only be accessed within your enterprise network, you should deploy it to an Azure virtual network with private endpoints for each Azure service used. In this session, we'll show how to deploy an AI RAG application to a virtual network that includes App Service, AI Search, OpenAI, Document Intelligence, and Blob storage, and we'll do it entirely with infrastructure-as-code (Bicep) so that you can do the same deployment. Then we'll log in to the virtual network using Azure Bastion with a virtual machine to demonstrate that we can access the RAG app from inside the network, and only inside the network. 


Published on:

Learn more
Azure Developer Community Blog articles
Azure Developer Community Blog articles

Azure Developer Community Blog articles

Share post:

Related posts

Azure Update Manager to support CIS hardened images among other images

What’s coming in by end of July 2024: Azure Update Manager will add support for 35 CIS hardened images. This is the first time that Update Man...

6 hours ago

Mastering your cloud journey: Essentials to Innovating, Migrating and Modernizing, on Azure

We are living during a time of rapid growth in AI technologies and seeing cloud complexity increase as a result of those advanced workloads, w...

16 hours ago

Announcing the stable release of Azure Event Grid Namespaces HTTP client libraries

This post announces stable release of the HTTP Azure Event Grid Namespaces client libraries in .NET, Java, JavaScript, Python, and Go. The pos...

22 hours ago

Portal extension for Azure Firewall with DDoS protection

Introduction In the ever-evolving landscape of network security, Azure Firewall has emerged as a key player. As a managed, cloud-based network...

1 day ago

Generative AI with Azure Cosmos DB

Leverage Azure Cosmos DB for generative AI workloads for automatic scalability, low latency, and global distribution to handle massive data vo...

1 day ago

Enhancing Document Extraction with Azure AI Document Intelligence and LangChain for RAG Workflows.

Overview. The broadening of conventional data engineering pipelines and applications to include document extraction and preprocessing for ...

1 day ago

Azure Capacity Reservations with Automatic Consumption

Solving the ask – Automatic Capacity Reservations Historically, the setting to use a Capacity Reservations Groups must be defined while the vi...

2 days ago
Stay up to date with latest Microsoft Dynamics 365 and Power Platform news!
* Yes, I agree to the privacy policy