Welcome to the March edition of our Viva Glint newsletter. Our recurring communications will help you get the most out of the Viva Glint product. You can always access the current edition and past editions of the newsletter on our Viva Glint blog. 

Our next features release date 

Viva Glint’s next feature release is scheduled for March 9, 2024*. Your dashboard will provide date and timing details two or three days before the release. 

In your Viva Glint programs 

The Microsoft Copilot Impact Survey template has premiered in the Viva Glint platform. AI tools are increasingly integrated into the workplace to enhance workforce productivity and the employee experience. This transformational shift in work means leaders need to understand their early investments in Microsoft Copilot and how it is being adopted. Deploying the Copilot Impact Survey template in Viva Glint, organizations can measure the impact of Microsoft Copilot enabling leaders to plan AI readiness, drive adoption, and measure their ROI. Learn about the Copilot Impact survey here. 

Changing item IDs for expired cycles will be self-serve. Comparing survey trend is essential to tracking focus area progress over time. When a survey is retired, you can still use the data for an item from that survey as a comparison in a new survey which uses the identical item. And you can do it quickly and independently! Learn how to change survey item IDs here. 

We’ve updated our Action Plan templates! Action Plan templates provide resources to help organizations act on feedback. Content comes from our new learning modules, WorkLab articles, and LinkedIn Learning. Now we’re exploring opportunities across all Viva and Copilot products to harness sentiment and data to enhance the employee experience and surface relevant, contextualized action recommendations. Check out Action Plan guidance here.  

Support survey takers with new help content 

Simplify your support process during live Viva Glint surveys to help users easily submit their valuable feedback. Use support guidance as an admin to communicate proactively and create resources to address commonly asked questions by survey takers. Share help content directly with your organization so that survey takers have answers to all their questions. 

Announcing our new Viva Glint product council 

Viva Glint is launching a product council! We are keen to listen to you, our customers, to help inform the future of our product. By enrolling, you will hear directly from our product and design teams, have an impact in shaping our product, and connect with like-minded customers to discuss your Viva Glint journey. To learn more and express an interest in signing up, visit this blog post. 

Connect and learn with Viva Glint 

We are officially launching our badging program! We are excited to announce that Viva Glint users can now earn badges upon completion of recommended training modules and then publish them to their social media networks. We’re kicking off this program by offering both a Foundations Admin badge and a Manager badge course. Learn more here about badging. 

Get ready for our next Viva Glint: Ask the Experts session on March 12. Geared towards new Viva Glint customers who are in the process of deploying their first programs, this session focuses on User Roles and Permissions. You must be registered to attend the session. Bring your questions! Register here for Ask the Experts. 

Join us at our upcoming Microsoft and Viva hosted events 

Attend our Think like a People Scientist webinar series. Premiering in February (if you missed it, you can catch the recording here!), this series, created based on customer feedback, will deep dive into important topics that you may encounter on your Viva Glint journey. Register for our upcoming sessions below: 

March 20: Telling a compelling story with your data  
April 23:  Influencing action without authority  
May 28:  Designing a survey that meets your organization’s needs  

We are also kicking off our People Science x AI Empowerment series. Check out and register for our upcoming events that will help empower HR leaders with the knowledge and resources to feel confident, excited, and ready to bring AI to their organizations:   

March 14: AI overview and developments for Viva Glint featuring Viva Glint People Science and Product leaders 
April 18: AI: the game-changer for the employee experience featuring Microsoft research and applied science leaders 

For those in the Vancouver area, join us for Microsoft Discovery Day on March 6. During this in-person event at Microsoft Vancouver you will learn from Microsoft leaders and industry experts about fundamental shifts in the workplace and the implications for your business. Gain an understanding of the value of AI-powered insights and experiences to build engagement and inspire creativity. Register. 

Join the Viva People Science team at upcoming industry events 

Are you attending the Wharton People Analytics Conference on March 14-15? As sponsors of the event, we will be there, and we would love to see you at our booth! This conference explores the latest advances and urgent questions in people analytics, including AI and human teaming, neurodiversity, new research on hybrid and remote work, and the advancement of frontline workers. Learn more about the conference here. 

Our Microsoft Viva People Scientists are among the featured speakers at the Society for Industrial and Organizational Psychology (SIOP) annual conference in April. Live in Chicago, and also available virtually, the SIOP conference inspires and galvanizes our community through sharing knowledge, building connections, fostering inclusion, and stimulating new ideas. Learn more here. 

Join Rick Pollak on April 18 for a panel discussion, Your Employee Survey is Done. Now What?  Rick and leading experts will address best practices and advice about survey reporting, action taking, and more. 
Join Caribay Garcia and other industrial organizational psychology innovators on April 19 for IGNITE-ing Innovation: Uses of Generative AI in Industrial Organization Psychology. This session will help psychologists conduct timelier research by fostering cross-collaborative communication between academics and practitioners. 
Join Stephanie Downey and other industry experts on April 19 for Ask the Experts: Crowdsource Solutions to Your Top Talent Challenges. This session brings together industry experts to facilitate roundtable discussions focused on key talent and HR challenges. 
Again, join Stephanie Downey on April 19 for Alliance: Unlocking Whole Person Management: Benefits, Hidden Costs, and Solutions. Explore the multifaceted dimensions of whole person management (WPM) by delving into the benefits and challenges this approach creates. 
Join Carolyn Kalafut on April 19 for Path to Product. This seminar provides an intro to understanding product and the ability to influence the software development lifecycle and to embed responsible and robust I-O principles in it. 
Join Caribay Garcia on April 20 for Harnessing Large Language Models in I-O Psychology: A Revolution in HR Offerings. Delve into the practical implications, ethical concerns, and the future of large language models (LLMs) in HR. 

Check out our most recent blog content on the Microsoft Viva Community 

Assess how your organization feels about Microsoft Copilot 
Viva People Science Industry Trends: Retail 

How are we doing? 

If you have any feedback on this newsletter, please reply to this email. Also, if there are people on your teams that should be receiving this update, please have them sign up using this link. 

*Viva Glint is committed to consistently improving the customer experience. The cloud-based platform maintains an agile production cycle with fixes, enhancements, and new features. Planned program release dates are provided with the best intentions of releasing on these dates, but dates may change due to unforeseen circumstances. Schedule updates will be provided as appropriate.  

​Microsoft Tech Community – Latest Blogs –Read More 

The cloud comes with the promise of significant cost savings compared to on-premises costs. However, realizing those savings requires diligence to proactively plan, govern, and monitor your cloud solutions. Your ability to detect, analyze, and quickly resolve unexpected costs can help minimize the impact on your budget and operations. When you understand your cloud costs you can make more informed decisions on how to allocate and manage those costs. But even with proactive cost management, surprises can still happen. That’s why we developed several tools in Microsoft Cost Management to help you set up thresholds and rules so you can detect problems early and ensure the timely detection of out-of-scope changes in your cloud costs. Let’s take a closer look at some of these tools and how you can use them to discover anomalous costs and usage patterns.

Identify atypical usage patterns with anomaly detection
Anomaly detection is a powerful tool that can help you minimize unexpected charges by identifying atypical usage patterns like cost spikes or dips based on your cost and usage trends and take corrective actions. For example, you might notice that something has changed, but you’re not sure what. Suppose you have a subscription that consumes around $100 every day. A new service was added into the subscription by mistake, resulting in the daily cost doubling to $200. With anomaly detection, you will be notified about the steep spike in daily cost, which you can then investigate to see if it’s an expected increase or a mistake, leading to early corrective measure.

You can also embed time-series anomaly detection capabilities into your apps to identify problems quickly. AI Anomaly Detector ingests time-series data of all types and selects the best anomaly detection algorithm for your data to ensure high accuracy. Detect spikes, dips, deviations from cyclic patterns, and trend changes through both univariate and multivariate APIs. Customize the service to detect any level of anomaly. Deploy the anomaly detection service where you need it—in the cloud or at the intelligent edge.

Use Alerts to get notified when an anomalous usage change is detected
You can subscribe to anomaly alerts to be automatically notified when an anomalous usage change is detected, with a subscription-scope email displaying the underlying resource groups that contributed to the anomalous behavior. Alerts can also be set up for your Azure reserved instances usage to receive email notifications, so you can take remedial action when your reservations have low utilization.

Here’s an example of how to create an anomaly alert rule:

Select the scope as the subscription which needs monitoring.
Navigate to the ‘Cost alerts’ page in Cost Management. Select ‘Anomaly’ as the Alert type.
Specify the recipient email IDs.
Click on ‘Create alert rule.’

In the event that an anomaly is detected, you will receive alert emails which give you basic information to help you start your investigation.

Get deeper insights with smart views
Use smart views in Cost Analysis to view anomaly insights that were automatically detected for each subscription. To drill into the underlying data for something that has changed, select the Insight link. You can also create custom views for anomalous usage detection such as unused costs from Azure reserved instances and savings plans that could point to further optimization for specific workloads.

You can also group related resources in Cost Analysis and smart views. For example, group related resources, like disks under virtual machines or web apps under App Service plans, by adding a “cm-resource-parent” tag to the child resources with a value of the parent resource ID. Or use Charts in Cost Analysis smart views to view your daily or monthly cost over time.

Use Copilot for AI-based assistance
For quick identification and analysis of anomalies in your cloud spend, try the AI-powered Copilot in Cost Management––available in preview on the Azure Portal. For example, if a cost doubles you can ask Copilot natural language questions to understand what happened and get the insights you need faster. You don’t need to be an expert in navigating the cost management UI or analyzing the data, you simply let the AI do it for you. For example, you can ask, “why did my cost increase this month?” or “which service led to the increase in cost this month?” Copilot will then provide a breakdown by categories of spend and their percentage impact on your total invoice. From there, you can leverage the generated suggestions to investigate your bill further.

Learn more about streamlining anomaly management
Optimizing your cloud spend with Azure becomes much easier when you streamline your anomaly management processes with tools like anomaly detection, alerts, and smart views in Microsoft Cost Management. You can learn even more about using FinOps best practices to manage anomalies in your resource usage at aka.ms/finops/solutions.

​Microsoft Tech Community – Latest Blogs –Read More 

Jared Spataro, Microsoft Corporate Vice President, AI at Work, presented an engaging keynote at the Global Nonprofit Leaders Summit that left everyone amazed and optimistic about the abilities and simplicity of AI for everyone.

Watch Jared’s session for a walk through that shows how Microsoft Copilot can be a powerful tool for productivity and creativity. From the fun and fantastic, to the practical and powerful, Jared queries Copilot in a real-time demo using his own workstreams in Outlook, Teams, and more: 

Can elephants tow a car? 
What will the workplace of the future look like? 
Can you write a Python script to extract insights from this data? 
Can you summarize and prioritize the latest emails from my boss? 

Jared shares important tips for prompt engineering, previews the new “Sounds like me” feature to co-create responses in your own voice, and talks about the value of AI being “usefully wrong.”

And he reminds us to say please and thank you. 

What did you learn from Jared’s session? How are you using Copilot to enhance creativity and productivity?

​Microsoft Tech Community – Latest Blogs –Read More 

Azure Sphere OS version 24.03 is now available for evaluation in the Retail Eval feed. The retail evaluation period for this release provides 28 days (about 4 weeks) of testing. During this time, please verify that your applications and devices operate properly with this release before it is deployed broadly to devices in the Retail feed.

The 24.03 OS Retail Eval release includes bug fixes and security updates including additional security updates to the cancelled 23.10 release, and a bugfix to a sporadic issue with OS update that caused the cancellation of that release.

For this release, the Azure Sphere OS contains an updated version of cURL. Azure Sphere OS provides long-term ABI compatibility, however the mechanisms of how cURL-multi operates, particularly with regard to recursive calls, have changed since the initial release of the Azure Sphere OS. Microsoft has performed additional engineering to provide backward compatibility for previously compiled applications to accommodate these changes. However, this is a special area of focus for compatibility release during this evaluation.

If your application leverages cURL-multi (as indicated by the usage of the `curl_multi_add_handle ()` API) we would encourage you to perform additional testing against the 24.03 OS. These changes do not impact applications that use the cURL-easy interface (as indicated by the usage of `curl_easy_perform()` API.).

Areas of special focus for compatibility testing with 24.03 include apps and functionality utilizing:

cURL and cURL-multi
wolfSSL, TLS-client, and TLS-server
Azure IoT, DPS, IoT Hub, IoT Central, Digital Twins, C SDK
Mutual Authentication

For more information on Azure Sphere OS feeds and setting up an evaluation device group, see Azure Sphere OS feeds and Set up devices for OS evaluation.

For self-help inquiries or technical support, review the Azure Sphere support options.

​Microsoft Tech Community – Latest Blogs –Read More 

by Nicole Dezen, Chief Partner Officer and Corporate Vice President, Global Partner Solutions

2023 was a year of exciting growth and innovation here at Microsoft. This year’s focus is to empower our customers and partners through AI transformation, and we’re excited to share what will be an impactful lineup of events for 2024. Attending these events provides you with the opportunity to learn, grow, and make defining connections with experts from around the world. 

Microsoft Inspire: the next chapter 

Continue reading here

​Microsoft Tech Community – Latest Blogs –Read More 

/* Style Definitions */
table.MsoNormalTable
{mso-style-name:”Table Normal”;
mso-tstyle-rowband-size:0;
mso-tstyle-colband-size:0;
mso-style-noshow:yes;
mso-style-priority:99;
mso-style-parent:””;
mso-padding-alt:0in 5.4pt 0in 5.4pt;
mso-para-margin:0in;
mso-pagination:widow-orphan;
font-size:11.0pt;
font-family:”Aptos”,sans-serif;
mso-ascii-font-family:Aptos;
mso-ascii-theme-font:minor-latin;
mso-hansi-font-family:Aptos;
mso-hansi-theme-font:minor-latin;}
table.MsoTableGrid
{mso-style-name:”Table Grid”;
mso-tstyle-rowband-size:0;
mso-tstyle-colband-size:0;
mso-style-priority:39;
mso-style-unhide:no;
border:solid windowtext 1.0pt;
mso-border-alt:solid windowtext .5pt;
mso-padding-alt:0in 5.4pt 0in 5.4pt;
mso-border-insideh:.5pt solid windowtext;
mso-border-insidev:.5pt solid windowtext;
mso-para-margin:0in;
mso-pagination:widow-orphan;
font-size:11.0pt;
font-family:”Aptos”,sans-serif;
mso-ascii-font-family:Aptos;
mso-ascii-theme-font:minor-latin;
mso-hansi-font-family:Aptos;
mso-hansi-theme-font:minor-latin;
mso-font-kerning:1.0pt;
mso-ligatures:standardcontextual;}

​Microsoft Tech Community – Latest Blogs –Read More 

Teams Phone is a cloud calling solution that equips your entire workforce with flexible, reliable, and smart calling capabilities, all within Microsoft Teams. Earlier this month, we introduced a new Teams Phone for Frontline Workers offer1 that enables frontline workers to securely communicate with customers, colleagues, or suppliers in Teams.

Teams Phone keeps frontline workers mobile and connected with dedicated numbers and devices, making it a versatile solution for employees in various industries and job functions. For instance, a retail store associate can easily respond to customer inquiries on product information, or nurses can directly connect with their patients from anywhere, across devices. With Teams Phone, you can:

Route calls to the right person at the right time with auto-attendants, call queues, and call delegation.
Communicate securely with patients with electronic health record application integration, call recording, and transcription.
Create meaningful customer engagements with CRM system integration, consultative transfers, and call park.
Set frontline teams up quickly with shared calling, allowing groups of users to make and receive calls with a shared phone number and calling plan.

Simplify communication with common area phones in shared spaces

In today’s fast-paced work environment, effective communication is essential for seamless operations. However, not all frontline workers need a dedicated phone number to perform their tasks. In some scenarios, they may only need to make or receive occasional calls on behalf of a department. Common area phones cater to this need and unlock easy to use calling capabilities for frontline workers. With common area phones, frontline workers can make and receive calls through a shared mobile Android device, or a desk phone assigned to their team or department.

Common area phones in shared spaces have several use cases. A shared device can help retail store associates who are managing incoming calls in the curbside pick-up department, or receptionists in a clinic who are managing appointment scheduling requests. With common area phones, you can:

Route incoming calls efficiently, easily, and exactly where you need them with auto-attendants, call queues, call transfer, shared line appearance, and call park.
Relay important information between teams in real time with Walkie Talkie in Teams as well as hotline phones programmed to dial one number.

How to Get Started

Teams Phone for individual users

Get the Teams Phone for Frontline Workers license¹, available as an add-on to Microsoft 365 F1 and F3.
Use Teams Phone from any device where you’re logged into the Teams app. See the full list of certified devices here.
Learn more about how to set up Teams Phone.

Common area phones

Get the Teams Shared Device license.
Learn more about how to set up desk phones as common area phones or how to set up an Android mobile phone as a common area phone.

¹ Microsoft Teams Phone Standard for Frontline Workers ($4 user/month) will be available as an add-on to Microsoft 365 F1 ($2.25 user/month) and F3 ($8 user/month). Listed pricing may vary due to currency, country, and regional variant factors. Contact your Microsoft sales representative to learn more.

​Microsoft Tech Community – Latest Blogs –Read More 

Hello, it’s Chris Cartwright from the Directory Services support team again.  This is the second entry in a series where I try to provide the IT community with some tools and verbiage that will hopefully save you and your business many hours, dollars and frustrations.  Here we’re going to focus on some major direct and/or indirect changes to Active Directory that tend be pushed onto AD administrators.  I want to arm you with the knowledge required for those conversations, and hopefully some successful deflection.  After all, isn’t it better to learn the hard lessons from others, if you can?

Periodically, we get cases for replication failures, many times, involving lingering objects.  Almost without fail, the cause is one of the following reasons:

DNS
SACL/DACL size
Network communication issues

Network communications issues almost always come down to a “blinky box” in the middle that is doing something it shouldn’t be, whether due to defective hardware/software, misconfiguration or the ever-present misguided configuration.  Today, we’re going to focus on the third, a misguided configuration.  That is to say, the things that your compliancy section has said must be done, that have little to no security benefit, but can easily result in a multi-hour, multi-day, or even (yes) multi-long outage.  To be fair, the portents of an outage should be readily apparent with any monitoring in place.  However, sometimes reporting agents are not installed, fail to function properly, or misconfigured or events themselves are missed (alert fatigue). So, one of things to do when compliancy starts talking about locking down DC communications is to ask them…

What is the problem you are trying to solve?

Have you been asked to isolate DCs?  Create a lag site?  Make sure that X DCs can only replicate with Y DCs? 

The primary effect of doing any of this is alert fatigue for replication errors, which is a path to outage later.  Additionally, if you have “Bridge all site links” enabled, you are giving the KCC the wrong information to create site links. 

Don’t permanently isolate DCs
Don’t create lag sites
Do make sure you have backups in place
Do make sure KCC has the correct information, and then let it be unless your network topology changes. 
Do make sure all DCs in the forest can reach all DCs in the forest (If your networks are fully routable)

Have you been asked to configure DCs to restrict the RPC ports they can use?

Every AD administrator should be familiar with the firewall ports and how RPC works.   By default, DCs will register on these port ranges and listen for traffic.  The RPC Endpoint Mapper keeps track of these ports and tells incoming requests where to go.  One thing that RPC Endpoint Mapper will not do is keep track of firewall or ACL changes that were made. 

Again, what is the security benefit here?  It is one thing to control DC communications outbound from the perimeter.  It is another thing to suggest that X port is more secure than Y port, especially when we’re talking about ports upon which DCs are listening.  If your compliancy team is worried about rogue applications listening on DCs, you have bigger problems..like rogue applications existing on your DCs, presumably put there by rogue agents who now have control over your entire Active Directory. 

The primary effect of “locking down” a DC in this way is not to improve security, but to mandate the creation or modification of some document with fine print, “Don’t forget to add these registry keys to avoid an outage”, that will inevitably be lost during turnover.  Furthermore, going too far can lead to port exhaustion, another type of outage. 

Don’t restrict AD/Netlogon to static ports without exhaustively discussing the risks involved, and heavily documenting it.
Don’t restrict the RPC dynamic range without exhaustively discussing the risks involved, and heavily documenting it.
Do restrict inbound/outbound perimeter traffic to your DCs.

“Hey, you said multi-day or multi-week outages.  It’s not that hard to fix replication!”

It is true that once you’ve found the network issue preventing replication that it is usually an easy fix.  However, if the “easy” fix is to rehost all your global catalog partitions with tens of thousands of objects on 90+ DCs, requiring manual administrative intervention, and a specific sequence of commands because your environment is filled with lingering objects, you’re going to be busy for a while. 

Wrapping it up

As the venerable Aaron Margosis said, “…if you stick with the Windows defaults wherever possible or industry-standard configurations such as the Microsoft Windows security guidance or the USGCB, and use proven enterprise management technologies instead of creating and maintaining your own, you will increase flexibility, reduce costs, and be better able to focus on your organization’s real mission.”

Security is critical in this day and age, but so is understanding the implications and reasons beyond some check box on an audit document.  Monitoring is also critical, but of little use if polluted with noise.  Remember who will be mainlining caffeine all night to get operations back online when the lingering objects start rolling in, because it will not be the people that click the “scan” button once a month…

References

Creating a Site Link Bridge Design | Microsoft Learn

“Lag site” or “hot site” (aka delayed replication) for Active Directory Disaster Recovery support – Microsoft Community Hub

You Are Not Smarter Than The KCC | Microsoft Learn

Configure firewall for AD domain and trusts – Windows Server | Microsoft Learn

RPC over IT/Pro – Microsoft Community Hub

Remote Procedure Call (RPC) dynamic port work with firewalls – Windows Server | Microsoft Learn

Restrict Active Directory RPC traffic to a specific port – Windows Server | Microsoft Learn

10 Immutable Laws of Security | Microsoft Learn

Sticking with Well-Known and Proven Solutions | Microsoft Learn

Chris “Was it really worth it” Cartwright

​Microsoft Tech Community – Latest Blogs –Read More 

You can use Azure App Service to work with popular AI frameworks like LangChain and Semantic Kernel connected to OpenAI for creating intelligent apps. In the following tutorial we will be adding an Azure OpenAI service using Semantic Kernel to a .NET 8 Blazor web application.

Prerequisites

An Azure OpenAI resource or an OpenAI account.
A .NET 8 Blazor Web App. Create the application with a template here.

Setup Blazor web app

For this Blazor web application, we’ll be building off the Blazor template and creating a new razor page that can send and receive requests to an Azure OpenAI OR OpenAI service using Semantic Kernel.

Right click on the Pages folder found under the Components folder and add a new item named OpenAI.razor
Add the following code to the ****OpenAI.razor file and click Save

“/openai”
@rendermode InteractiveServer

<PageTitle>Open AI</PageTitle>

<h3>Open AI Query</h3>

<input placeholder=”Input query” @bind=”newQuery” />
<button class=”btn btn-primary” @onclick=”SemanticKernelClient”>Send Request</button>

<br />

<h4>Server response:</h4> <p>@serverResponse</p>

@code {

public string? newQuery;
public string? serverResponse;

}

Next, we’ll need to add the new page to the navigation so we can navigate to the service.

Go to the NavMenu.razor file under the Layout folder and add the following div in the nav class. Click Save

<div class=”nav-item px-3″>
<NavLink class=”nav-link” href=”openai”>
<span class=”bi bi-list-nested-nav-menu” aria-hidden=”true”></span> Open AI
</NavLink>
</div>

After the Navigation is updated, we can start preparing to build the OpenAI client to handle our requests.

API Keys and Endpoints

In order to make calls to OpenAI with your client, you will need to first grab the Keys and Endpoint values from Azure OpenAI or OpenAI and add them as secrets for use in your application. Retrieve and save the values for later use.

For Azure OpenAI, see this documentation to retrieve the key and endpoint values. For our application, you will need the following values:

deploymentName
endpoint
apiKey
modelId

For OpenAI, see this documentation to retrieve the api keys. For our application, you will need the following values:

apiKey
modelId

Since we’ll be deploying to App Service we can secure these secrets in Azure Key Vault for protection. Follow the Quickstart to setup your Key Vault and add the secrets you saved from earlier.

Next, we can use Key Vault references as app settings in our App Service resource to reference in our application. Follow the instructions in the documentation to grant your app access to your Key Vault and to setup Key Vault references.

Then, go to the portal Environment Variables blade in your resource and add the following app settings:

For Azure OpenAI, use the following:

DEPOYMENT_NAME = @microsoft.KeyVault(SecretUri=https://myvault.vault.azure.net/secrets/mysecret/)
ENDPOINT = @microsoft.KeyVault(SecretUri=https://myvault.vault.azure.net/secrets/mysecret/)
API_KEY = @microsoft.KeyVault(SecretUri=https://myvault.vault.azure.net/secrets/mysecret/)
MODEL_ID = @microsoft.KeyVault(SecretUri=https://myvault.vault.azure.net/secrets/mysecret/)

For OpenAI, use the following:

OPENAI_API_KEY = @microsoft.KeyVault(SecretUri=https://myvault.vault.azure.net/secrets/mysecret/)
OPENAI_MODEL_ID = @microsoft.KeyVault(SecretUri=https://myvault.vault.azure.net/secrets/mysecret/)

Once your app settings are saved, you can bring them into the code by injecting IConfiguration and referencing the app settings. Add the following code to your OpenAI.razor file:

@inject Microsoft.Extensions.Configuration.IConfiguration _config

@code {

private async Task SemanticKernelClient()
{
string deploymentName = _config[“DEPLOYMENT_NAME”];
string endpoint = _config[“ENDPOINT”];
string apiKey = _config[“API_KEY”];
string modelId = _config[“MODEL_ID”];

// OpenAI
string OpenAIModelId = _config[“OPENAI_MODEL_ID”];
string OpenAIApiKey = _config[“OPENAI_API_KEY”];
}

Semantic Kernel

Semantic Kernel is an open-source SDK that enables you to easily develop AI agents to work with your existing code. You can use Semantic Kernel with Azure OpenAI and OpenAI models.

To create the OpenAI client, we’ll first start by installing Semantic Kernel.

To install Semantic Kernel, browse the NuGet package manager in Visual Studio and install the Microsoft.SemanticKernel package. For NuGet Package Manager instructions, see here. For CLI instructions, see here.

Once the Semantic Kernel package is installed, you can now initialize the kernel.

Initialize the Kernel

To initialize the Kernel, add the following code to the OpenAI.razor file.

@code {

@using Microsoft.SemanticKernel;

private async Task SemanticKernelClient()
{
var builder = Kernel.CreateBuilder();

var kernel = builder.Build();
}

}

Here we are adding the using statement and creating the Kernel in a method that we can use when we send the request to the service.

Add your AI service

Once the Kernel is initialized, we can add our chosen AI service to the kernel. Here we will define our model and pass in our key and endpoint information to be consumed by the chosen model.

For Azure OpenAI, use the following code:

var builder = Kernel.CreateBuilder();
builder.Services.AddAzureOpenAIChatCompletion(
deploymentName: deploymentName,
endpoint: endpoint,
apiKey: apiKey,
modelId: modelId
);
var kernel = builder.Build();

For OpenAI, use the following code:

var builder = Kernel.CreateBuilder();
builder.Services.AddOpenAIChatCompletion(
modelId: OpenAIModelId,
apiKey: OpenAIApiKey,
);
var kernel = builder.Build();

Configure prompt and create Semantic function

Now that our chosen OpenAI service client is created with the correct keys we can add a function to handle the prompt. With Semantic Kernel you can handle prompts by the use of a semantic functions, which turn the prompt and the prompt configuration settings into a function the Kernel can execute. Learn more on configuring prompts here.

First, we’ll create a variable that will hold the users prompt. Then add a function with execution settings to handle and configure the prompt. Add the following code to the OpenAI.razor file:

@using Microsoft.SemanticKernel.Connectors.OpenAI

private async Task SemanticKernelClient()
{
var builder = Kernel.CreateBuilder();
builder.Services.AddAzureOpenAIChatCompletion(
deploymentName: deploymentName,
endpoint: endpoint,
apiKey: apiKey,
modelId: modelId
);
var kernel = builder.Build();

var prompt = @”{{$input}} ” + newQuery;

var summarize = kernel.CreateFunctionFromPrompt(prompt, executionSettings: new OpenAIPromptExecutionSettings { MaxTokens = 100, Temperature = 0.2 });

}

Lastly, we’ll need to invoke the function and return the response. Add the following to the OpenAI.razor file:

private async Task SemanticKernelClient()
{

var builder = Kernel.CreateBuilder();
builder.Services.AddAzureOpenAIChatCompletion(
deploymentName: deploymentName,
endpoint: endpoint,
apiKey: apiKey,
modelId: modelId
);
var kernel = builder.Build();

var prompt = @”{{$input}} ” + newQuery;

var summarize = kernel.CreateFunctionFromPrompt(prompt, executionSettings: new OpenAIPromptExecutionSettings { MaxTokens = 100, Temperature = 0.2 })

var result = await kernel.InvokeAsync(summarize);

serverResponse = result.ToString();

}

Here is the example in it’s completed form. In this example, use the Azure OpenAI chat completion service OR the OpenAI chat completion service, not both.

“/openai”
@rendermode InteractiveServer
@inject Microsoft.Extensions.Configuration.IConfiguration _config

<PageTitle>OpenAI</PageTitle>

<h3>OpenAI input query: </h3>
<input class=”col-sm-4″ @bind=”newQuery” />
<button class=”btn btn-primary” @onclick=”SemanticKernelClient”>Send Request</button>

<br />
<br />

<h4>Server response:</h4> <p>@serverResponse</p>

@code {

@using Microsoft.SemanticKernel;
@using Microsoft.SemanticKernel.Connectors.OpenAI

private string? newQuery;
private string? serverResponse;

private async Task SemanticKernelClient()
{
// Azure OpenAI
string deploymentName = _config[“DEPLOYMENT_NAME”];
string endpoint = _config[“ENDPOINT”];
string apiKey = _config[“API_KEY”];
string modelId = _config[“MODEL_ID”];

// OpenAI
// string OpenAIModelId = _config[“OPENAI_DEPLOYMENT_NAME”];
// string OpenAIApiKey = _config[“OPENAI_API_KEY”];

// Semantic Kernel client
var builder = Kernel.CreateBuilder();
// Azure OpenAI
builder.Services.AddAzureOpenAIChatCompletion(
deploymentName: deploymentName,
endpoint: endpoint,
apiKey: apiKey,
modelId: modelId
);
// OpenAI
// builder.Services.AddOpenAIChatCompletion(
// modelId: OpenAIModelId,
// apiKey: OpenAIApiKey
// );
var kernel = builder.Build();

var prompt = @”{{$input}} ” + newQuery;

var summarize = kernel.CreateFunctionFromPrompt(prompt, executionSettings: new OpenAIPromptExecutionSettings { MaxTokens = 100, Temperature = 0.2 });

var result = await kernel.InvokeAsync(summarize);

serverResponse = result.ToString();

}
}

Now save the application and follow the next steps to deploy it to App Service. If you would like to test it locally first at this step, you can swap out the config values at with the literal string values of your OpenAI service. For example: string modelId = “gpt-4-turbo”;

Deploy to App Service

If you have followed the steps above, you are ready to deploy to App Service. If you run into any issues remember that you need to have done the following: grant your app access to your Key Vault, add the app settings with key vault references as your values. App Service will resolve the app settings in your application that match what you’ve added in the portal.

Authentication

Although optional, it is highly recommended that you also add authentication to your web app when using an Azure OpenAI or OpenAI service. This can add a level of security with no additional code. Learn how to enable authentication for your web app here.

Once deployed, browse to the web app and navigate to the Open AI tab. Enter a query to the service and you should see a populated response from the server. The tutorial is now complete and you now know how to use OpenAI services to create intelligent applications.

​Microsoft Tech Community – Latest Blogs –Read More 

Microsoft is partnering with Mistral AI to bring its Large Language Models (LLMs) to Azure. Mistral AI’s OSS models, Mixtral-8x7B and Mistral-7B, were added to the Azure AI model catalog last December. We are excited to announce the addition of Mistral AI’s new flagship model, Mistral Large to the Mistral AI collection of models in the Azure AI model catalog today. The Mistral Large model will be available through Models-as-a-Service (MaaS) that offers API-based access and token based billing for LLMs, making it easier to build Generative AI apps. Developers can provision an API endpoint in a matter of seconds and try out the model in the Azure AI Studio playground or use it with popular LLM app development tools like Azure AI prompt flow and LangChain. The APIs support two layers of safety – first, the model has built-in support for a “safe prompt” parameter and second, Azure AI content safety filters are enabled to screen for harmful content generated by the model, helping developers build safe and trustworthy applications.

The Mistral Large model

Mistral Large is Mistral AI’s most advanced Large Language Model (LLM), first available on Azure and the Mistral AI platform. It can be used on a full range of language-based task thanks to its state-of-the-art reasoning and knowledge capabilities. Key attributes:

Specialized in RAG: Crucial information is not lost in the middle of long context windows. Supports up to 32K tokens.
Strong in coding: Code generation, review and comments with support for all mainstream coding languages.
Multi-lingual by design: Best-in-class performance in French, German, Spanish, and Italian – in addition to English. Dozens of other languages are supported.
Responsible AI: Efficient guardrails baked in the model, with additional safety layer with safe prompt option.

Benchmarks

You can read more about the model and review evaluation results on Mistral AI’s blog: https://mistral.ai/news/mistral-large. The Benchmarks hub in Azure offers a standardized set of evaluation metrics for popular models including Mistral’s OSS models and Mistral Large.

Using Mistral Large on Azure AI

Let’s take care of the prerequisites first:

If you don’t have an Azure subscription, get one here: https://azure.microsoft.com/en-us/pricing/purchase-options/pay-as-you-go
Create an Azure  AI Studio hub and project. Make sure you pick East US 2 or France Central as the Azure region for the hub.

Next, you need to create a deployment to obtain the inference API and key:

Open the Mistral Large model card in the model catalog: https://aka.ms/aistudio/landing/mistral-large
Click on Deploy and pick the Pay-as-you-go option.
Subscribe to the Marketplace offer and deploy. You can also review the API pricing at this step.
You should land on the deployment page that shows you the API and key in less than a minute. You can try out your prompts in the playground.

The prerequisites and deployment steps are explained in the product documentation: https://learn.microsoft.com/en-us/azure/ai-studio/how-to/deploy-models-mistral.

You can use the API and key with various clients. Review the API schema if you are looking to integrate the REST API with your own client: https://learn.microsoft.com/en-us/azure/ai-studio/how-to/deploy-models-mistral#reference-for-mistral-large-deployed-as-a-service. Let’s review samples for some popular clients.

Basic CLI with curl and Python web request sample: https://github.com/Azure/azureml-examples/blob/main/sdk/python/foundation-models/mistral/webrequests.ipynb
Mistral clients: Azure APIs for Mistral Large are compatible with the API schema offered on the Mistral AI ‘s platform which allows you to use any of the Mistral AI platform clients with Azure APIs. Sample notebook for the Mistral python client: https://github.com/Azure/azureml-examples/blob/main/sdk/python/foundation-models/mistral/mistralai.ipynb
LangChain: API compatibility also enables you to use the Mistral AI’s Python and JavaScript LangChain integrations. Sample LangChain notebook: https://github.com/Azure/azureml-examples/blob/main/sdk/python/foundation-models/mistral/langchain.ipynb
LiteLLM: LiteLLM is easy to get started and offers consistent input/output format across many LLMs. Sample LiteLLM notebook: https://github.com/Azure/azureml-examples/blob/main/sdk/python/foundation-models/mistral/litellm.ipynb
Prompt flow: Prompt flow offers a web experience in Azure AI Studio and VS code extension to build LLM apps with support for authoring, orchestration, evaluation and deployment. Learn more: https://learn.microsoft.com/en-us/azure/ai-studio/how-to/prompt-flow. Out-of-the-box support for Mistral AI APIs on Azure is coming soon, but you can create a custom connection using the API and key, and use the SDK of your choice Python tool in prompt flow.

Develop with integrated content safety

Mistral AI APIs on Azure come with two layered safety approach – instructing the model through the system prompt and an additional content filtering system that screens prompts and completions for harmful content. Using the safe_prompt parameter prefixes the system prompt with a guardrail instruction as documented here. Additionally, the Azure AI content safety system that consists of an ensemble of classification models screens for specific types of harmful content. The external system is designed to be effective against adversarial prompts attacks such as prompts that ask the model to ignore previous instructions. When the content filtering system detects harmful content, you will receive either an error if the prompt was classified as harmful or the response will be partially or completely truncated with an appropriate message when the output generated is classified as harmful. Make sure you account for these scenarios where the content returned by the APIs is filtered when building your applications.

FAQs

What does it cost to use Mistral Large on Azure?

You are billed based on the number of prompt and completions tokens. You can review the pricing on the Mistral Large offer in the Marketplace offer details tab when deploying the model. You can also find the pricing on the Azure Marketplace: https://azuremarketplace.microsoft.com/en-us/marketplace/apps/000-000.mistral-ai-large-offer

Do I need GPU capacity in my Azure subscription to use Mistral Large?

No. Unlike the Mistral AI OSS models that deploy to VMs with GPUs using Online Endpoints, the Mistral Large model is offered as an API. Mistral Large is a premium model whose weights are not available, so you cannot deploy it to a VM yourself.

This blog talks about the Mistral Large experience in Azure AI Studio. Is Mistral Large available in Azure Machine Learning Studio?

Yes, Mistral Large is available in the Model Catalog in both Azure AI Studio and Azure Machine Learning Studio.

Does Mistral Large on Azure support function calling and Json output?

The Mistral Large model can do function calling and generate Json output, but support for those features will roll out soon on the Azure platform. 

Mistral Large is listed on the Azure Marketplace. Can I purchase and use Mistral Large directly from Azure Marketplace?

Azure Marketplace enables the purchase and billing of Mistral Large, but the purchase experience can only be accessed through the model catalog. Attempting to purchase Mistral Large from the Marketplace will redirect you to Azure AI Studio.

Given that Mistral Large is billed through the Azure Marketplace, does it retire my Azure consumption commitment (aka MACC)?

Yes, Mistral Large is an “Azure benefit eligible” Marketplace offer, which indicates MACC eligibility. Learn more about MACC here: https://learn.microsoft.com/en-us/marketplace/azure-consumption-commitment-benefit

Is my inference data shared with Mistral AI?

No, Microsoft does not share the content of any inference request or response data with Mistral AI. 

Are there rate limits for the Mistral Large API on Azure?

Mistral Large API comes with 200k tokens per minute and 1k requests per minute limit. Reach out to Azure customer support if this doesn’t suffice.

Are Mistral Large Azure APIs region specific?

Mistral Large API endpoints can be created in AI Studio projects to Azure Machine Learning workspaces in East US 2 or France Central Azure regions. If you want to use Mistral Large in prompt flow in project or workspaces in other regions, you can use the API and key as a connection to prompt flow manually. Essentially, you  can use the API from any Azure region once you create it in East US 2 or France Central.

Can I fine-tune Mistal Large?

Not yet, stay tuned…

Supercharge your AI apps with Mistral Large today. Head over to AI Studio model catalog to get started.

​Microsoft Tech Community – Latest Blogs –Read More