Authentication

LLMGW

LLMGW API calls can be authenticated by 3 methods:

API Key: Traditional API key authentication with keys securely stored in Azure Key Vault, supporting key rotation capabilities for enhanced security management and seamless credential updates without service interruption.

User-Based Token: Individual user tokens with configurable expiration times that can be revoked as needed, providing granular access control tied to specific user identities and enabling fine-grained permission management.

API Key + Entra ID Token: Enhanced security model combining API key authentication with Entra ID token validation, where user identity is fetched and validated based on the provided Entra ID token information, offering an additional layer of security verification.

Grafana

Grafana dashboards can be configured for access through multiple authentication methods:

Entra ID integration: Single sign-on (SSO) access using organizational Entra ID credentials for seamless user experience

Admin API key: Administrative access using dedicated API keys for service accounts and automated monitoring systems

Admin portal

Admin portal requires Entra ID integration to be configured and is exclusively accessible through Entra ID authentication, ensuring that administrative functions are protected by enterprise identity management and organizational access policies.