This document covers optional features that can be enabled in the deployed Azure resources.
You should typically enable these features before running azd up. Once you've set them, return to the deployment steps.
- Using GPT-4
- Enabling GPT-4 Turbo with Vision
- Enabling Integrated Vectorization
- Enabling authentication
- Enabling login and document level access control
- Enabling CORS for an alternate frontend
We generally find that most developers are able to get high quality answers using GPT 3.5. However, if you want to try GPT-4, you can do so by following these steps:
- In
infra/main.bicep, changechatGptModelNameto 'gpt-4' instead of 'gpt-35-turbo'. - You may also need to adjust the capacity above that line depending on how much TPM your account is allowed.
This section covers the integration of GPT-4 Vision with Azure AI Search. Learn how to enhance your search capabilities with the power of image and text indexing, enabling advanced search functionalities over diverse document types. For a detailed guide on setup and usage, visit our Enabling GPT-4 Turbo with Vision page.
Azure AI search recently introduced an integrated vectorization feature in preview mode. This feature is a cloud-based approach to data ingestion, which takes care of document format cracking, data extraction, chunking, vectorization, and indexing, all with Azure technologies.
To enable integrated vectorization with this sample:
- If you've previously deployed, delete the existing search index.
- Run
azd env set USE_FEATURE_INT_VECTORIZATION true - Run
azd upto update system and user roles - You can view the resources such as the indexer and skillset in Azure Portal and monitor the status of the vectorization process.
By default, the deployed Azure web app will have no authentication or access restrictions enabled, meaning anyone with routable network access to the web app can chat with your indexed data. You can require authentication to your Azure Active Directory by following the Add app authentication tutorial and set it up against the deployed web app.
To then limit access to a specific set of users or groups, you can follow the steps from Restrict your Azure AD app to a set of users by changing "Assignment Required?" option under the Enterprise Application, and then assigning users/groups access. Users not granted explicit access will receive the error message -AADSTS50105: Your administrator has configured the application <app_name> to block users unless they are specifically granted ('assigned') access to the application.-
By default, the deployed Azure web app allows users to chat with all your indexed data. You can enable an optional login system using Azure Active Directory to restrict access to indexed data based on the logged in user. Enable the optional login and document level access control system by following this guide.
By default, the deployed Azure web app will only allow requests from the same origin. To enable CORS for a frontend hosted on a different origin, run:
- Run
azd env set ALLOWED_ORIGIN https://<your-domain.com> - Run
azd up
For the frontend code, change BACKEND_URI in api.ts to point at the deployed backend URL, so that all fetch requests will be sent to the deployed backend.
For an alternate frontend that's written in Web Components and deployed to Static Web Apps, check out azure-search-openai-javascript and its guide on using a different backend. Both these repositories adhere to the same HTTP protocol for RAG chat apps.