infra/modules/apim/policies/api_policy_openai.xml (52 lines of code) (raw):

<policies> <inbound> <base/> <set-backend-service backend-id="openai-backend" /> <!-- Use Managed Identity to authenticate to the backend --> <authentication-managed-identity resource="https://cognitiveservices.azure.com" /> <!-- Capture the value of the streaming property if it is included --> <choose> <when condition="@(context.Request.Body.As<JObject>(true)["stream"] != null && context.Request.Body.As<JObject>(true)["stream"].Type != JTokenType.Null)"> <set-variable name="isStream" value="@{ var content = (context.Request.Body?.As<JObject>(true)); string streamValue = content["stream"].ToString(); return streamValue; }" /> </when> </choose> <!-- Blocks streaming completions and returns 404 --> <choose> <when condition="@(context.Variables.GetValueOrDefault<string>("isStream","false").Equals("true", StringComparison.OrdinalIgnoreCase))"> <return-response> <set-status code="404" reason="BlockStreaming" /> <set-header name="Microsoft-Azure-Api-Management-Correlation-Id" exists-action="override"> <value>@{return Guid.NewGuid().ToString();}</value> </set-header> <set-body>Streaming chat completions are not allowed by this organization.</set-body> </return-response> </when> </choose> </inbound> <backend> <base/> </backend> <outbound> <base/> <choose> <when condition="@(context.Response.StatusCode == 200)"> <log-to-eventhub logger-id="eventhub-logger">@{ var responseBody = context.Response.Body?.As<JObject>(true); return new JObject( new JProperty("timestamp", DateTime.UtcNow.ToString()), new JProperty("appId", context.Request.Headers.GetValueOrDefault("Authorization",string.Empty).Split(' ').Last().AsJwt().Claims.GetValueOrDefault("appid", string.Empty)), new JProperty("appSubscriptionKey", context.Request.Headers.GetValueOrDefault("Ocp-Apim-Subscription-Key",string.Empty)), new JProperty("promptTokens", responseBody?["promptTokens"]?.ToString() ?? "null"), new JProperty("responseTokens", responseBody?["responseTokens"]?.ToString() ?? "null"), new JProperty("totalTokens", responseBody?["totalTokens"]?.ToString() ?? "null") ).ToString(); } </log-to-eventhub> </when> </choose> </outbound> <on-error> <base/> </on-error> </policies>