The Simple Chat Application is a comprehensive, web-based platform designed to facilitate secure and context-aware interactions with generative AI models, specifically leveraging Azure OpenAI. Its central feature is Retrieval-Augmented Generation (RAG), which significantly enhances AI interactions by allowing users to ground conversations in their own data. Users can upload personal ("Your Workspace") or shared group ("Group Workspaces") documents, which are processed using Azure AI Document Intelligence, chunked intelligently based on content type, vectorized via Azure OpenAI Embeddings, and indexed into Azure AI Search for efficient hybrid retrieval (semantic + keyword).
Built with modularity in mind, the application offers a suite of powerful optional features that can be enabled via administrative settings. These include integrating Azure AI Content Safety for governance, providing Image Generation capabilities (DALL-E), processing Video (via Azure Video Indexer) and Audio (via Azure Speech Service) files for RAG, implementing Document Classification schemes, collecting User Feedback, enabling Conversation Archiving for compliance, extracting AI-driven Metadata, and offering Enhanced Citations linked directly to source documents stored in Azure Storage.
The application utilizes Azure Cosmos DB for storing conversations, metadata, and settings, and is secured using Azure Active Directory (Entra ID) for authentication and fine-grained Role-Based Access Control (RBAC) via App Roles. Designed for enterprise use, it runs reliably on Azure App Service and supports deployment in both Azure Commercial and Azure Government cloud environments, offering a versatile tool for knowledge discovery, content generation, and collaborative AI-powered tasks within a secure, customizable, and Azure-native framework.
Simple Chat Documentation | Simple Chat Documentation
The following procedure must be completed with a user that has permissions to create an application registration in the users Entra tenant.
cd ./deployersDefine your application name and your environment:
appName =
environment =
The following script will create an Entra Enterprise Application, with an App Registration named <appName>-<environment>-ar for the web service called <appName>-<environment>-app.
Tip
The web service name may be overriden with the -AppServceName parameter.
Tip
A different expiration date for the secret which defaults to 180 days with the -SecretExpirationDays parameter.
.\Initialize-EntraApplication.ps1 -AppName "<appName>" -Environment "<environment>" -AppRolesJsonPath "./azurecli/appRegistrationRoles.json"Note
Be sure to save this information as it will not be available after the window is closed.*
App Registration Created Successfully!
Application Name: <registered application name>
Client ID: <clientID>
Tenant ID: <tenantID>
Service Principal ID: <servicePrincipalId>
Client Secret: <clientSecret>
Secret Expiration: <yyyy-mm-dd>
In addition, the script will note additional steps that must be taken for the app registration step to be completed.
-
Grant Admin Consent for API Permissions:
- Navigate to Azure Portal > Entra ID > App registrations
- Find app: <registered application name>
- Go to API permissions
- Click 'Grant admin consent for [Tenant]'
-
Assign Users/Groups to Enterprise Application:
- Navigate to Azure Portal > Entra ID > Enterprise applications
- Find app: <registered application name>
- Go to Users and groups
- Add user/group assignments with appropriate app roles
-
Store the Client Secret Securely:
- Save the client secret in Azure Key Vault or secure credential store
- The secret value is shown above and will not be displayed again
Using the bash terminal in Visual Studio Code
cd ./deployersIf you work with other Azure clouds, you may need to update your cloud like azd config set cloud.name AzureUSGovernment - more information here - Use Azure Developer CLI in sovereign clouds | Microsoft Learn
azd config set cloud.name AzureCloudThis will open a browser window that the user with Owner level permissions to the target subscription will need to authenticate with.
azd auth loginUse the same value for the <environment> that was used in the application registration.
azd env new <environment>Select the new environment
azd env select <environment>This step will begin the deployment process.
azd up 
-
Chat with AI: Interact with an AI model based on Azure OpenAI’s GPT and Thinking models.
-
RAG with Hybrid Search: Upload documents and perform hybrid searches (vector + keyword), retrieving relevant information from your files to augment AI responses.
-
Document Management: Upload, store, and manage multiple versions of documents—personal ("Your Workspace") or group-level ("Group Workspaces").
-
Group Management: Create and join groups to share access to group-specific documents, enabling collaboration with Role-Based Access Control (RBAC).
-
Ephemeral (Single-Convo) Documents: Upload temporary documents available only during the current chat session, without persistent storage in Azure AI Search.
-
Conversation Archiving (Optional): Retain copies of user conversations—even after deletion from the UI—in a dedicated Cosmos DB container for audit, compliance, or legal requirements.
-
Content Safety (Optional): Integrate Azure AI Content Safety to review every user message before it reaches AI models, search indexes, or image generation services. Enforce custom filters and compliance policies, with an optional
SafetyAdminrole for viewing violations. -
Feedback System (Optional): Allow users to rate AI responses (thumbs up/down) and provide contextual comments on negative feedback. Includes user and admin dashboards, governed by an optional
FeedbackAdminrole. -
Bing Web Search (Optional): Augment AI responses with live Bing search results, providing up-to-date information. Configurable via Admin Settings.
-
Image Generation (Optional): Enable on-demand image creation using Azure OpenAI's DALL-E models, controlled via Admin Settings.
-
Video Extraction (Optional): Utilize Azure Video Indexer to transcribe speech and perform Optical Character Recognition (OCR) on video frames. Segments are timestamp-chunked for precise retrieval and enhanced citations linking back to the video timecode.
-
Audio Extraction (Optional): Leverage Azure Speech Service to transcribe audio files into timestamped text chunks, making audio content searchable and enabling enhanced citations linked to audio timecodes.
-
Document Classification (Optional): Admins define custom classification types and associated colors. Users tag uploaded documents with these labels, which flow through to AI conversations, providing lineage and insight into data sensitivity or type.
-
Enhanced Citation (Optional): Store processed, chunked files in Azure Storage (organized into user- and document-scoped folders). Display interactive citations in the UI—showing page numbers or timestamps—that link directly to the source document preview.
-
Metadata Extraction (Optional): Apply an AI model (configurable GPT model via Admin Settings) to automatically generate keywords, two-sentence summaries, and infer author/date for uploaded documents. Allows manual override for richer search context.
-
File Processing Logs (Optional): Enable verbose logging for all ingestion pipelines (workspaces and ephemeral chat uploads) to aid in debugging, monitoring, and auditing file processing steps.
-
Redis Cache (Optional): Integrate Azure Cache for Redis to provide a distributed, high-performance session store. This enables true horizontal scaling and high availability by decoupling user sessions from individual app instances.
-
Authentication & RBAC: Secure access via Azure Active Directory (Entra ID) using MSAL. Supports Managed Identities for Azure service authentication, group-based controls, and custom application roles (
Admin,User,CreateGroup,SafetyAdmin,FeedbackAdmin). -
Supported File Types:
- Text:
txt,md,html,json,xml,yaml,yml,log - Documents:
pdf,doc,docm,docx,pptx,xlsx,xlsm,xls,csv - Images:
jpg,jpeg,png,bmp,tiff,tif,heif - Video:
mp4,mov,avi,wmv,mkv,flv,mxf,gxf,ts,ps,3gp,3gpp,mpg,asf,m4v,isma,ismv,dvr-ms - Audio:
wav,m4a
- Text:
