This chapter covers Azure OpenAI Service, a managed service that provides REST API access to OpenAI's powerful language models including GPT-4, GPT-3.5, and the DALL-E image generation model, hosted on Azure infrastructure. For the AZ-204 exam, this topic falls under Objective 5.1 (Integrate, manage, and monitor Azure OpenAI Service) and appears in approximately 5-10% of questions, often as part of larger scenarios involving AI integration. You will learn how to provision the service, interact with models via the API, manage content filtering, implement prompt engineering, handle token limits, and monitor usage — all essential skills for building AI-powered applications on Azure.
Jump to a section
Imagine you are a restaurant owner who wants to serve gourmet meals but lacks the kitchen and chef expertise. Instead of building your own kitchen (training your own AI model), you hire a private chef (Azure OpenAI Service) who comes with a fully equipped kitchen (pre-trained models) and a pantry of premium ingredients (vast training data). You don't need to know how to cook; you just place an order (send a prompt) specifying the dish (task), dietary restrictions (prompt engineering), and portion size (token limit). The chef prepares the meal and serves it (returns a completion). You pay for each meal served (pay-per-use pricing). However, you cannot modify the chef's secret recipes (you cannot fine-tune the base model directly without using the fine-tuning capability, which is like asking the chef to learn a new recipe). The chef works in a private kitchen within your restaurant's premises (your Azure subscription), ensuring that no other restaurant (tenant) can see your orders (data privacy and isolation). The chef also abides by your restaurant's rules (content filtering and responsible AI policies). If you need faster service, you can reserve the chef's time (provisioned throughput) to guarantee availability. This analogy maps directly to how Azure OpenAI provides managed AI capabilities without requiring you to build, train, or host models yourself.
What is Azure OpenAI Service?
Azure OpenAI Service is a cloud-based platform that gives developers access to OpenAI's state-of-the-art generative AI models through a REST API, with the added benefits of Azure's enterprise-grade security, compliance, and scalability. It is not a separate set of models; rather, it is OpenAI's models hosted on Azure infrastructure, providing the same capabilities as OpenAI's API but with Azure's networking, monitoring, and identity integration.
The service supports several model families:
GPT-4 and GPT-4 Turbo: Multimodal models capable of understanding text and images, with improved reasoning and instruction following.
GPT-3.5 Turbo: A faster and more cost-effective model for chat and text generation.
GPT-3 (text-davinci-003, etc.): Older models still available for specific use cases.
Embeddings (text-embedding-ada-002): For semantic search and text similarity.
DALL-E 2 and DALL-E 3: For image generation from text descriptions.
Whisper: For speech-to-text transcription and translation.
How It Works Internally
Azure OpenAI Service is deployed within your Azure subscription as a resource. When you create an Azure OpenAI resource, you choose a region (e.g., East US, West Europe) and a pricing tier (Standard or Provisioned). The resource gets an endpoint URL and two API keys (key1 and key2) for authentication, similar to other Azure services.
Under the hood, the service consists of: - Model Deployments: You must deploy a specific model version to an endpoint before you can use it. Each deployment has a name you choose, and you reference it in API calls. Deployments are regional and can be scaled independently. - Content Filtering: Azure applies content filters to all model inputs and outputs to detect harmful content (hate, violence, sexual, self-harm). These filters run before and after the model call. You can configure filter severity levels (low, medium, high) and even turn off filtering for some categories (with approval). - Tokenization: Models process text in tokens — chunks of characters (~4 characters per token for English). API calls have token limits per request (e.g., 4096 tokens for GPT-3.5 Turbo, 8192 or 32768 for GPT-4). You pay per token used. - Rate Limiting: Each deployment has a rate limit measured in tokens per minute (TPM) and requests per minute (RPM). The default for Standard tier is 1M TPM and 1000 RPM, but you can request increases.
Key Components, Values, Defaults, and Timers
API Version: Always specify the API version in the URL, e.g., 2023-12-01-preview. The latest stable version changes over time. The exam may test that you need to include api-version.
Authentication: Use API keys in the api-key header or Azure AD tokens via Bearer authorization. For production, Azure AD is recommended.
Model Names vs Deployment Names: The API call uses deployment-id (your chosen deployment name), not the model name. This is a common trap.
Max Tokens: Controls the length of the response. Default is often 16, which is very short. You must set it appropriately (e.g., 500).
Temperature: Controls randomness. Range 0-2, default 1. Lower values (e.g., 0.2) make output more deterministic; higher values (e.g., 0.8) increase creativity.
Top P: Nucleus sampling. Default 1. Alternative to temperature. The model considers tokens with top_p probability mass. Usually you adjust temperature or top_p, not both.
Frequency Penalty: Range -2 to 2, default 0. Positive values reduce repetition.
Presence Penalty: Range -2 to 2, default 0. Positive values encourage the model to talk about new topics.
Stop Sequences: Up to 4 sequences that stop generation. Useful for ending responses at a specific phrase.
Configuration and Verification Commands
Using Azure CLI to create an Azure OpenAI resource:
az cognitiveservices account create \
--name myOpenAIResource \
--resource-group myResourceGroup \
--kind OpenAI \
--sku S0 \
--location eastus \
--yesTo deploy a model:
az cognitiveservices account deployment create \
--resource-group myResourceGroup \
--name myOpenAIResource \
--deployment-name myGpt35Turbo \
--model-name gpt-35-turbo \
--model-version 0613 \
--model-format OpenAI \
--sku-capacity 1 \
--sku-name StandardThe --model-name uses a specific format (e.g., gpt-35-turbo not gpt-3.5-turbo). Note the hyphen difference.
To test the endpoint with curl:
curl $AZURE_OPENAI_ENDPOINT/openai/deployments/myGpt35Turbo/chat/completions?api-version=2023-12-01-preview \
-H "Content-Type: application/json" \
-H "api-key: $AZURE_OPENAI_KEY" \
-d '{"messages":[{"role":"system","content":"You are a helpful assistant."},{"role":"user","content":"Hello"}],"max_tokens":100}'How It Interacts with Related Technologies
Azure Cognitive Search: Combine with Azure OpenAI to implement Retrieval Augmented Generation (RAG). Use embeddings to index documents, then query the index to retrieve relevant chunks, and pass them to the model as context.
Azure Functions: Serverless compute to orchestrate API calls, handle authentication, and process responses.
Azure API Management: To rate-limit, transform, and monitor API calls to Azure OpenAI.
Azure Key Vault: Store API keys securely.
Azure Monitor: Collect metrics like tokens consumed, latency, and errors. Set up alerts for usage spikes.
Azure AD: For managed identity authentication, eliminating the need for API keys.
Fine-Tuning
Azure OpenAI supports fine-tuning on GPT-3.5 Turbo (and some older models). Fine-tuning requires a training dataset in JSONL format with prompts and completions. The process: 1. Upload training and validation files to Azure Blob Storage. 2. Create a fine-tuning job via the API or CLI. 3. The service creates a new model deployment.
Fine-tuning is not available for GPT-4 in all regions and may have additional costs.
Content Filtering
Azure OpenAI applies content filters to all inputs and outputs. The filters are configurable per deployment. You can set severity levels (safe, low, medium, high) for categories: hate, sexual, violence, self-harm. Filters can be turned off for some categories with Microsoft approval. If a request or response is filtered, the API returns a 400 status with an error message. The exam may test that filtered requests still incur token charges (the input is processed before filtering).
Error Handling
Common HTTP status codes:
- 400: Bad request (e.g., invalid parameters, content filtered).
- 401: Unauthorized (invalid or missing API key).
- 429: Rate limit exceeded. Retry after Retry-After header.
- 500: Internal server error.
The SDKs provide automatic retries for 429 and 500 errors.
Provisioned Throughput
For predictable performance, you can purchase Provisioned Throughput Units (PTUs). This reserves model capacity for your deployment, ensuring low latency even under high load. It is billed hourly regardless of usage. The exam may contrast this with Standard (pay-per-token) tier.
Networking
Azure OpenAI Service can be secured using: - Private Endpoints: Access the service from a virtual network without exposing it to the internet. - IP Firewall: Restrict access to specific IP addresses. - Disable Local Authentication: Require Azure AD tokens instead of API keys.
Monitoring and Logging
Use Azure Monitor to track: - Azure OpenAI Requests: Count, latency, token usage. - Content Filtering: Number of blocked requests. - Fine-tuning: Status of jobs.
You can also enable diagnostic settings to send logs to Log Analytics, Storage, or Event Hubs.
Provision the Azure OpenAI resource
In the Azure portal, navigate to 'Create a resource' and search for 'Azure OpenAI'. Select the service, choose a subscription, resource group, region (e.g., East US), and name (e.g., MyOpenAI). Choose the pricing tier: Standard (pay-as-you-go) or Provisioned (reserved capacity). Click 'Create'. After deployment, note the endpoint URL (e.g., https://myopenai.openai.azure.com/) and generate API keys under 'Keys and Endpoint'. For production, consider using Azure AD authentication and disable local auth.
Deploy a model to the resource
In the Azure OpenAI Studio (https://oai.azure.com), go to 'Deployments' and click 'Create new deployment'. Select a model (e.g., GPT-3.5 Turbo, version 0613), assign a deployment name (e.g., myGpt35), and set the model version. For Standard tier, set the capacity (number of tokens per minute). Click 'Create'. The deployment takes a few seconds. You can also deploy via CLI or ARM templates. Note: the deployment name is what you use in API calls, not the model name.
Authenticate and get API access
You have two authentication options: API key (key1 or key2) sent in the `api-key` header, or Azure AD token (Bearer token) via managed identity or service principal. For SDKs, set the endpoint and key/token. For example, in Python: `openai.api_type = 'azure'`, `openai.api_base = endpoint`, `openai.api_version = '2023-12-01-preview'`, `openai.api_key = key`. The API version is required. If using Azure AD, use `DefaultAzureCredential` from the Azure Identity library.
Send a chat completion request
Construct a JSON payload with `messages` array. Each message has `role` (system, user, assistant) and `content`. The system message sets the behavior. User messages are the input. Assistant messages are previous responses (for multi-turn). Set `max_tokens` to limit response length. For example: `{"messages":[{"role":"system","content":"You are a helpful assistant."},{"role":"user","content":"What is Azure?"}],"max_tokens":100}`. Send a POST to `/openai/deployments/{deployment-id}/chat/completions?api-version=2023-12-01-preview`. The response includes `choices` array with `message` and `finish_reason` (stop, length, content_filter).
Handle the response and manage tokens
Parse the JSON response to extract the assistant's reply from `choices[0].message.content`. Monitor token usage from `usage.prompt_tokens`, `usage.completion_tokens`, `usage.total_tokens`. This is important for cost management. If the response is truncated (finish_reason: length), increase `max_tokens` or use a model with larger context. Implement retry logic for 429 (rate limit) with exponential backoff. Use the `Retry-After` header value. For streaming, set `stream: true` and receive chunks via Server-Sent Events.
Enterprise Scenario 1: Customer Support Chatbot
A large e-commerce company wants to deploy an AI-powered chatbot to handle customer inquiries, reducing load on human agents. They use Azure OpenAI Service with GPT-3.5 Turbo. The chatbot is integrated with Azure Cognitive Search using RAG to answer product-specific questions based on their product catalog stored in Azure Cosmos DB. They deploy the model in the East US region and use Azure AD authentication with managed identity. To handle peak traffic during Black Friday, they use Provisioned Throughput Units (PTUs) for guaranteed latency. They set up Azure Monitor alerts to notify if token usage exceeds 80% of the allocated PTUs. A common issue they face is content filters blocking legitimate product descriptions due to overly strict settings; they adjust filter severity to 'low' for the sexual category (since products include clothing) after getting Microsoft approval. They also use streaming to provide real-time responses to customers, improving user experience.
Enterprise Scenario 2: Internal Code Assistant
A financial services firm builds an internal tool that helps developers write and review code. They use GPT-4 for its superior reasoning. To ensure data privacy, they deploy Azure OpenAI with private endpoints connected to their virtual network, and disable public network access. All API calls are authenticated via Azure AD. They implement a custom content filter using Azure Functions to scan for sensitive financial terms before sending prompts to the model. They fine-tune GPT-3.5 Turbo on their internal coding standards to improve relevance. The fine-tuning job uses training data stored in Azure Blob Storage with SAS tokens. They monitor fine-tuning job status via Azure Monitor and set up alerts for failures. A misconfiguration they encountered: initially they set max_tokens too low (default 16), causing truncated responses that confused developers. They now set max_tokens to 2000 and use stop sequences to end responses at natural points.
Scenario 3: Real-Time Translation Service
A travel company uses Azure OpenAI Whisper model for speech-to-text and GPT-3.5 Turbo for translation. They deploy Whisper in the West Europe region to reduce latency for European customers. They use Azure Functions to orchestrate the workflow: audio file uploaded to Blob Storage triggers a function that sends it to Whisper, then the transcription is sent to GPT for translation. They use Azure Key Vault to store API keys. The main performance consideration is that Whisper has a maximum audio file size of 25 MB; they chunk longer recordings. They also implement retry policies for transient errors. A common mistake is forgetting to set the API version correctly, leading to 400 errors.
What AZ-204 Tests on Azure OpenAI Service
This topic falls under Objective 5.1: Integrate, manage, and monitor Azure OpenAI Service. The exam expects you to know:
How to provision the service and deploy models (CLI, portal, SDK).
How to authenticate using API keys vs Azure AD.
How to make chat completion and completion API calls, including required parameters (deployment-id, api-version, messages).
How to configure content filtering and understand its impact (filtered requests still incur token costs for input).
How to handle rate limiting (429 status, Retry-After header).
How to monitor usage with Azure Monitor (metrics: Tokens Consumed, Active Requests).
The difference between Standard and Provisioned throughput tiers.
How to use embeddings for search (but not in depth).
Common Wrong Answers and Why Candidates Choose Them
Wrong: Use the model name (e.g., "gpt-35-turbo") in the URL path instead of the deployment name. Why: Candidates confuse the underlying model with the deployment. The API requires the deployment name you created. The model name is used only during deployment creation.
Wrong: Set max_tokens to 4096 for GPT-3.5 Turbo expecting that to be the total context length. Why: max_tokens controls only the response length. The total context includes both input and output tokens. If you set max_tokens to 4096 and your input is 4000 tokens, you'll get an error because total exceeds the model's limit (4096 for GPT-3.5 Turbo). You must account for both.
Wrong: Assume content filtering blocks the request entirely and no tokens are billed. Why: Filtering occurs after input processing; input tokens are counted and billed. Only the output is blocked. The exam may test that you still pay for filtered inputs.
Wrong: Use the same API key for all deployments without considering rotation. Why: The exam may present a scenario where you need to rotate keys. API keys are per resource, not per deployment. You should use key1 and key2 alternately to avoid downtime.
Specific Numbers, Values, and Terms
Token limit for GPT-3.5 Turbo: 4096 tokens (input + output). For GPT-4: 8192 or 32768 depending on model.
Default max_tokens: 16 (very short).
API version format: YYYY-MM-DD or YYYY-MM-DD-preview.
Rate limit default: 1M TPM, 1000 RPM for Standard tier.
Content filter categories: hate, sexual, violence, self-harm.
Authentication headers: api-key or Authorization: Bearer.
Fine-tuning supported models: GPT-3.5 Turbo (0613), Babbage, Davinci.
Edge Cases and Exceptions
If you exceed the token limit per request, the API returns a 400 error with message "maximum context length exceeded".
If you send a request that gets flagged by content filter, the API returns 400 with a content_filter error. The finish_reason in the response will be content_filter.
When using Azure AD authentication, you must include the api-version query parameter; otherwise, you get a 401 error.
The service does not support multi-region deployment of a single model; you must deploy separately in each region.
How to Eliminate Wrong Answers
If a question asks about the URL endpoint, eliminate any answer that uses the model name instead of deployment name.
If a question mentions cost savings, consider Provisioned throughput for predictable workloads vs Standard for variable.
If a question involves token limits, remember that max_tokens sets the response limit, not total.
For authentication, if the scenario involves managed identities, the answer should use Azure AD tokens, not API keys.
Azure OpenAI Service requires you to deploy a model with a custom deployment name; use that name in API calls, not the model name.
Always specify the API version in the URL (e.g., api-version=2023-12-01-preview).
The max_tokens parameter controls response length only; total tokens (prompt + response) must not exceed the model's context limit (4096 for GPT-3.5 Turbo).
Content filtering checks both input and output; filtered inputs still incur token charges.
Authentication can be via API keys (api-key header) or Azure AD (Bearer token).
Rate limits are per deployment; if exceeded, the API returns HTTP 429 with a Retry-After header.
Standard tier is pay-per-token; Provisioned tier reserves capacity for predictable performance.
Fine-tuning is supported for GPT-3.5 Turbo and some older models; requires training data in JSONL format.
Use Azure Monitor to track token usage, latency, and error rates.
Private endpoints and IP firewalls can secure the service within a virtual network.
These come up on the exam all the time. Here's how to tell them apart.
Azure OpenAI Service
Hosted on Azure infrastructure with enterprise SLAs (99.9% uptime).
Supports Azure AD authentication and managed identities.
Private endpoints and virtual network integration for secure access.
Content filtering built-in with configurable severity levels.
Billed via Azure subscription with Azure Cost Management tools.
OpenAI API (Direct)
Hosted on OpenAI's own infrastructure.
Uses OpenAI API keys only.
No private network integration; accessible over public internet.
Content filtering is basic (OpenAI's own safety system).
Billed directly by OpenAI via credit card.
Mistake
Azure OpenAI Service is the same as OpenAI's API — no differences.
Correct
While the models are the same, Azure OpenAI offers additional features like private endpoints, Azure AD integration, content filtering, and compliance with Azure's SLAs. The API endpoints and authentication methods differ (Azure uses api-key or Azure AD, not OpenAI's API key).
Mistake
You must fine-tune a model to use it.
Correct
Fine-tuning is optional. You can use the pre-trained models directly via the API. Fine-tuning is only needed to adapt the model to a specific domain or style.
Mistake
Content filtering blocks all harmful content and you cannot configure it.
Correct
You can configure the severity levels for each content category (safe, low, medium, high). You can also disable filtering for specific categories with Microsoft approval.
Mistake
The max_tokens parameter sets the total context length (input + output).
Correct
max_tokens sets only the maximum number of tokens the model can generate in the response. The total context length is limited by the model's context window (e.g., 4096 for GPT-3.5 Turbo). You must ensure prompt tokens + max_tokens <= context limit.
Mistake
You can use the model name directly in the API URL.
Correct
You must use the deployment name you created, not the model name. For example, if you deploy gpt-35-turbo with deployment name 'myGpt35', the URL is /deployments/myGpt35/... not /deployments/gpt-35-turbo/...
Reveal each answer, then mark whether you got it right. Score 60%+ to unlock the next chapter.
Use Azure Active Directory (Azure AD) authentication. Assign a managed identity or service principal to your application with the 'Cognitive Services OpenAI User' role on the Azure OpenAI resource. In your code, use the Azure Identity library (e.g., DefaultAzureCredential) to obtain a token and pass it in the Authorization header as 'Bearer <token>'. This eliminates the need to manage API keys.
The model's context length (e.g., 4096 for GPT-3.5 Turbo) is the total number of tokens the model can process in a single request, including both the input (prompt) and the output (response). The max_tokens parameter specifies the maximum number of tokens the model can generate in the response. You must ensure that prompt tokens + max_tokens <= context length. If you exceed, you get a 400 error.
Yes, by using private endpoints. Create a private endpoint for the Azure OpenAI resource in your virtual network, and disable public network access. Then, all traffic from your resources in the VNet goes through the Microsoft backbone network, never over the public internet.
When you receive a 429 status code, check the Retry-After header (value in seconds) and wait before retrying. Implement exponential backoff with jitter. The Azure OpenAI SDKs have built-in retry policies that you can configure. Alternatively, you can request a rate limit increase for your deployment.
Yes, input tokens are billed even if the request is blocked by content filtering. The model processes the input before filtering is applied. However, output tokens are not billed if the response is filtered because no output is generated.
The system message sets the behavior and context for the assistant. For example, you can set it to 'You are a helpful assistant that speaks in a formal tone.' The system message is part of the prompt and consumes tokens. It helps guide the model's responses without being part of the conversation history.
Use the command: az cognitiveservices account deployment create --resource-group <rg> --name <openai-resource> --deployment-name <mydeploy> --model-name gpt-35-turbo --model-version 0613 --model-format OpenAI --sku-capacity 1 --sku-name Standard. Note: model-name uses hyphens (gpt-35-turbo).
You've just covered Azure OpenAI Service for Developers — now see how well it sticks with free AZ-204 practice questions. Full explanations included, no account needed.
Done with this chapter?