Add EntraId authentication support for Azure specific endpoints#2070
Merged
eleanorjboyd merged 10 commits intomicrosoft:mainfrom Nov 21, 2025
Merged
Add EntraId authentication support for Azure specific endpoints#2070eleanorjboyd merged 10 commits intomicrosoft:mainfrom
eleanorjboyd merged 10 commits intomicrosoft:mainfrom
Conversation
eleanorjboyd
commented
Nov 18, 2025
eleanorjboyd
commented
Nov 18, 2025
Contributor
There was a problem hiding this comment.
Pull Request Overview
This PR adds Entra ID authentication support for Azure OpenAI endpoints, allowing users to authenticate with their Azure credentials instead of API keys for enterprise security scenarios.
Key changes:
- Adds a new configuration setting
github.copilot.chat.azureAuthTypeto choose between Entra ID and API key authentication (defaults to Entra ID) - Creates a new
AzureOpenAIEndpointclass that uses Bearer token authentication instead of Azure'sapi-keyheader - Updates
AzureBYOKModelProviderto handle Entra ID authentication flows during model enumeration and chat responses - Includes comprehensive unit tests for the new
AzureOpenAIEndpointclass
Reviewed Changes
Copilot reviewed 6 out of 6 changed files in this pull request and generated 5 comments.
Show a summary per file
| File | Description |
|---|---|
src/platform/configuration/common/configurationService.ts |
Adds AzureAuthType configuration setting to support choosing between 'entraId' and 'apiKey' authentication methods |
src/extension/byok/vscode-node/customOAIProvider.ts |
Exports CustomOAIModelInfo interface and renames getModelsWithAPIKeys to getModelsWithCredentials (changed visibility to protected) for extensibility |
src/extension/byok/vscode-node/azureProvider.ts |
Implements Entra ID authentication by overriding getModelsWithCredentials and provideLanguageModelChatResponse to use Azure authentication sessions |
src/extension/byok/node/azureOpenAIEndpoint.ts |
New class extending OpenAIEndpoint to override header generation, using Authorization: Bearer instead of api-key for Entra ID tokens |
src/extension/byok/node/test/azureOpenAIEndpoint.spec.ts |
Comprehensive unit tests covering Entra ID authentication headers and endpoint behavior |
package.json |
Adds the github.copilot.chat.azureAuthType configuration schema with enum values and documentation |
Advitya17
approved these changes
Nov 19, 2025
lramos15
reviewed
Nov 20, 2025
lramos15
previously approved these changes
Nov 20, 2025
| { createIfNone: true } | ||
| { | ||
| createIfNone: true, | ||
| silent: false |
|
|
||
| if (authType === AzureAuthMode.EntraId) { | ||
| const session = await vscode.authentication.getSession( | ||
| // Session is guaranteed to be defined when createIfNone: true |
Member
There was a problem hiding this comment.
the typing for getSession should say this already.
ffca190 to
51e2a91
Compare
TylerLeonhardt
approved these changes
Nov 21, 2025
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
fixes microsoft/vscode#270234