1.3.1. Authentication Methods Deep Dive

• Concept: Multiple authentication options with different security/convenience trade-offs
• Purpose: Secure access to AI services appropriate to the scenario
• Benefit: Balance security requirements with operational needs

Visual: Authentication Method Selection

Loading diagram...

Managed Identity Implementation:

# Enable system-assigned managed identity on App Service
# Grant RBAC role: Cognitive Services User
# No keys to manage or rotate

from azure.identity import DefaultAzureCredential

credential = DefaultAzureCredential()
client = CognitiveServicesClient(endpoint, credential)

Key Management Best Practices:

• Two keys provided (Key1, Key2) for zero-downtime rotation
• Store in Azure Key Vault, never in code or config files
• Rotate on schedule and after any potential exposure