Core API & User Portal Post-Deployment Configuration

Complete these steps after running azd up to finalize Core API and Chat Portal authentication.

Prerequisites

Deployment completed successfully
App Configuration access configured (see Prerequisites)
App registrations created (see Pre-Deployment Setup)

Update App Configuration Settings

Step 1: Access App Configuration

Sign in to Azure Portal
Navigate to your deployment resource group
Select the App Configuration resource
Select Configuration explorer

Step 2: Filter Settings

Enter entra in the search box
Check the box next to Key to select all Entra-related settings
Click Edit to open the JSON editor

Step 3: Update Values

Update the following settings with values from your app registrations:

Key	Value
`FoundationaLLM:Chat:Entra:ClientId`	Application (client) ID of `FoundationaLLM-User-Portal`
`FoundationaLLM:Chat:Entra:TenantId`	Directory (tenant) ID
`FoundationaLLM:Chat:Entra:Scopes`	`api://FoundationaLLM-Core/Data.Read`
`FoundationaLLM:CoreAPI:Entra:ClientId`	Application (client) ID of `FoundationaLLM-Core-API`
`FoundationaLLM:CoreAPI:Entra:TenantId`	Directory (tenant) ID

Step 4: Verify Default Values

Confirm these values are correct:

Key	Expected Value
`FoundationaLLM:Chat:Entra:CallbackPath`	`/signin-oidc`
`FoundationaLLM:Chat:Entra:Instance`	`https://login.microsoftonline.com/`
`FoundationaLLM:CoreAPI:Entra:CallbackPath`	`/signin-oidc`
`FoundationaLLM:CoreAPI:Entra:Instance`	`https://login.microsoftonline.com/`
`FoundationaLLM:CoreAPI:Entra:Scopes`	`Data.Read`

Step 5: Save Changes

Click Apply to save all configuration changes.

Restart Services

After updating configuration, restart the services to apply changes.

Azure Container Apps (Quick Start)

Navigate to your resource group
Select the Core API Container App (ends with coreapica)
Select Revisions in left menu
Select the active revision
Click Restart in the Revision details panel
Repeat for Chat UI Container App (ends with chatuica)

Azure Kubernetes Service (Standard)

Via Azure Portal:

Navigate to the AKS resource
Select Workloads > Pods tab
Filter by namespace: fllm
Select core-api and chat-ui pods
Click Delete (new pods auto-create)

Via kubectl:

kubectl rollout restart deployment/core-api -n fllm
kubectl rollout restart deployment/chat-ui -n fllm

Verify Authentication

Navigate to your Chat Portal URL
You should be redirected to Microsoft sign-in
Enter your Entra ID credentials
Verify successful authentication

Troubleshoot Issues

Issue	Solution
Redirect loop	Verify redirect URI in app registration matches deployment URL
Invalid client	Check `FoundationaLLM:Chat:Entra:ClientId` value
Invalid scope	Verify scope format: `api://FoundationaLLM-Core/Data.Read`
AADSTS50011	Add correct redirect URI to app registration
AADSTS700016	Verify tenant ID is correct

Check Logs

ACA:

az containerapp logs show -n <app-name> -g <resource-group>

AKS:

kubectl logs deployment/core-api -n fllm --tail=100
kubectl logs deployment/chat-ui -n fllm --tail=100

Table of Contents

Core API & User Portal Post-Deployment Configuration

Prerequisites

Update App Configuration Settings

Step 1: Access App Configuration

Step 2: Filter Settings

Step 3: Update Values

Step 4: Verify Default Values

Step 5: Save Changes

Restart Services

Azure Container Apps (Quick Start)

Azure Kubernetes Service (Standard)

Verify Authentication

Troubleshoot Issues

Check Logs

Next Steps

Table of Contents

Core API & User Portal Post-Deployment Configuration

Prerequisites

Update App Configuration Settings

Step 1: Access App Configuration

Step 2: Filter Settings

Step 3: Update Values

Step 4: Verify Default Values

Step 5: Save Changes

Restart Services

Azure Container Apps (Quick Start)

Azure Kubernetes Service (Standard)

Verify Authentication

Test Sign-In

Troubleshoot Issues

Check Logs

Next Steps

Related Topics