Phoenix Playground primarily supports LLM provider authentication via API keys, either set in the browser or as server-side environment variables. For Azure OpenAI, you can also use environment variables like AZURE_TENANT_ID, AZURE_CLIENT_ID, and AZURE_FEDERATED_TOKEN_FILE to enable <https://learn.microsoft.com/en-us/python/api/azure-identity/azure.identity.workloadidentitycredential?view=azure-python|WorkloadIdentityCredential>, which is a form of IAM-based authentication. There is no documented support for certificate-based authentication or other IAM methods for providers besides Azure OpenAI at this time.
For all other providers (OpenAI, Anthropic, Gemini, etc.), authentication is limited to API keys as described in the documentation. If both browser and server environment variables are set, the browser-stored key takes precedence. No support for certificate-based auth is mentioned in the available data sources. Would you like more detail on configuring Azure IAM or other provider options?
Sources:
- <https://github.com/Arize-ai/phoenix/blob/main/docs/prompt-engineering/how-to-prompts/configure-ai-providers.md|Configure AI Providers>
