There are three parts to integrating Azure with Encord:
Creating the integration with the Encord platform.
Authenticating your storage account for integration on the Azure platform.
Click on Azure.
Give your integration a meaningful name.
Select your preferred method of authentication in Step 3 the Azure integration window.
You can authenticate Azure in two different ways:
Using a service principal to authenticate you require you to:
There are three different ways to add the cord-integrator app to Azure tenant:
You can add the cord-integrator application in the Settings of the Encord app. If logged in to the Encord platform, you are redirected to the ‘Azure integration’ screen after the application was successfully added.
The cord-integrator must be granted two types of permissions in order to function:
You can find the Azure Tenant ID in the Active Directory overview of your Azure project.
Paste the tenant ID into Step 4 of the Azure integrations window, after you have added the cord-integrator app, granted it storage account, and container permissions and located your Azure tenant.
A CORS configuration must be applied to the Azure storage account you want to integrate with Encord. This enables Encord to request resources from the specified service account using a browser.
Allowed origins | Allowed methods | Allowed headers | Exposed headers | Max age |
---|---|---|---|---|
<https://app.encord.com\> | GET, POST, OPTIONS, PUT | * | * | 3600 |
<https://api.encord.com\> | GET, POST, OPTIONS, PUT | * | * | 3600 |
<https://app.us.encord.com\> | GET, POST, OPTIONS, PUT | * | * | 3600 |
<https://api.us.encord.com\> | GET, POST, OPTIONS, PUT | * | * | 3600 |
For customers working with teams in India
Some users find it more reliable to access our Encord App deployment focused for Indian users. Instruct your team based in India to use https://app.in.encord.com and add that domain to your permitted CORS settings.
Allowed origins | Allowed methods | Allowed headers | Exposed headers | Max age |
---|---|---|---|---|
<https://app.encord.com\> | GET, POST, OPTIONS, PUT | * | * | 3600 |
<https://api.encord.com\> | GET, POST, OPTIONS, PUT | * | * | 3600 |
<https://app.in.encord.com\> | GET, POST, OPTIONS, PUT | * | * | 3600 |
In the example above, preflight requests are valid for 1 hour. Use the ‘Max Age’ variable to adjust the number of seconds the browser is allowed to make requests before it must repeat the preflight request.
Click Save to save the CORS configuration.
Click Create to finish setting up the integration, in Encord.
Click the Run a test button on the integration, to test that the integration works.
Paste the URL of any object in your Azure storage and click Check Encord can access this URL. If the test is successful a green tick appears next to Encord infrastructure and This machine.
Shared access tokens expire and have to be updated in order to continue providing Encord with access to your Azure storage.
To update the account-level SAS token:
Click the three dots icon on your Azure integration.
Click Update SAS token.
A field for your new SAS token appears.
Navigate to the Register cloud data page for guidance on how to register data stored in Azure.