via #4148

Today, our Azure model provider supports api_key in the configuration which sends an api-key header.

We also want to support the other kind:

API Key authentication: For this type of authentication, all API requests must include the API Key in the api-key HTTP header. The Quickstart provides guidance for how to make calls with this type of authentication.

Microsoft Entra ID authentication: You can authenticate an API call using a Microsoft Entra token. Authentication tokens are included in a request as the Authorization header. The token provided must be preceded by Bearer, for example Bearer YOUR_AUTH_TOKEN. You can read our how-to guide on authenticating with Microsoft Entra ID.

Proposed Solution

When configuring the Azure model provider, the user can specify either (XOR):

• api_key
• bearer_auth_token

The former is the current behavior. The latter sends Bearer YOUR_AUTH_TOKEN. The bearer_auth_token should support env, dynamic, and so on - just like api_key.

We'll need to figure out how to test this internally. https://learn.microsoft.com/en-us/azure/ai-foundry/openai/how-to/managed-identity

We should update the docs accordingly.