When Click Citation files, always encounter Internal Server Error? about azure-search-openai-demo HOT 10 CLOSED

Locally, the app uses your user credential, but when deployed, the app uses the app service's managed identity, so its certainly possible for a permission error to happen.

Here is the corresponding infrastructure from main.bicep that sets up the managed identity for acessing storage:

module storageRoleBackend 'core/security/role.bicep' = {
  scope: storageResourceGroup
  name: 'storage-role-backend'
  params: {
    principalId: backend.outputs.identityPrincipalId
    roleDefinitionId: '2a2b9908-6ea1-4ae2-8e65-a410df84e7d1'
    principalType: 'ServicePrincipal'
  }
}

Please double check that your app has that role assigned to it.

from azure-search-openai-demo.

Hi Pamela,
Thanks for the reply.
About Please double check that your app has that role assigned to it.:
If the blob storage and web app has already set up, how to set up the managed identity to access storage?

• Is it inside the Access control (IAM)?
• I need to change the setting for blob storage or web app?
• Which setting should I change?

Update:
Figure it out by myself, no like the role assignment to user, after deploying online, it relays on the Identify of the web app (also the entry name).
For more details, I make the changes based on following link:
https://tech-tutes.com/2021/03/18/access-azure-blob-storage-using-azure-ad-managed-identity/

from azure-search-openai-demo.

Same issue here. How did you solve this?

from azure-search-openai-demo.

same issue here. Any ideas on how to solve this?

from azure-search-openai-demo.

Same for me, was working. loaded more files in and now not

from azure-search-openai-demo.

above Internal Server Error for citation resolved...?

from azure-search-openai-demo.

Please check the logs for the web server and see if you can see a precise error. Please paste the error here.

from azure-search-openai-demo.

Please check the logs for the web server and see if you can see a precise error. Please paste the error here.

Hi, here is my error log. The strange thing is that I can use the citation locally but cannot view it after deploy it. Any suggestions? Thanks.

azure.core.exceptions.HttpResponseError: This request is not authorized to perform this operation using this permission.

from azure-search-openai-demo.

Hi Pamela, Thanks for the reply. About Please double check that your app has that role assigned to it.: If the blob storage and web app has already set up, how to set up the managed identity to access storage?

* Is it inside the `Access control (IAM)`?

* I need to change the setting for blob storage or web app?

* Which setting should I change?

Update: Figure it out by myself, no like the role assignment to user, after deploying online, it relays on the Identify of the web app (also the entry name). For more details, I make the changes based on following link: https://tech-tutes.com/2021/03/18/access-azure-blob-storage-using-azure-ad-managed-identity/

can please provide more details on what you did, i already have the identity added but it is still showing me the internal server error. Thanks.

from azure-search-openai-demo.

If you are seeing an internal server error, please first check the App Service logs (see FAQ for how to do that) to see the exact error. Once you have the exact error, share that here or in a new issue if you need help understanding it.

from azure-search-openai-demo.