CrewAI 1.6.x Native Azure Provider Does Not Support Azure AD Token Authentication (Entra ID)

Jatin_Iyer · December 11, 2025, 8:29am

When using CrewAI 1.6.x with Azure OpenAI and Azure AD token authentication (Microsoft Entra ID), the native Azure provider fails because it only supports AzureKeyCredential (API key authentication), not TokenCredential (Azure AD/Managed Identity).

This is a breaking change from the behavior in CrewAI 0.x versions, where LiteLLM handled authentication and supported Azure AD tokens via the azure_ad_token_provider parameter or AZURE_AD_TOKEN environment variable

Environment

CrewAI Version: 1.6.1 (also tested with 1.7.0)
Python Version: 3.13
OS: Windows 11
Azure SDK: azure-identity 1.25.1

Steps to Reproduce

1. Set up Azure AD authentication (working with Azure SDK directly)

from azure.identity import DefaultAzureCredential, get_bearer_token_provider

from openai import AzureOpenAI

# This works perfectly with Azure OpenAI SDK directly

token_provider = get_bearer_token_provider(

DefaultAzureCredential(),

“https://cognitiveservices.azure.com/.default”

)

# Direct Azure OpenAI SDK - works with AD token

client = AzureOpenAI(

azure_endpoint=“https://my-endpoint.openai.azure.com/”,

azure_ad_token_provider=token_provider,

api_version=“2024-02-01”

)

# This works!

response = client.chat.completions.create(

model=“gpt-4o-mini”,

messages=[{“role”: “user”, “content”: “Hello”}]

)

2. Try the same with CrewAI 1.6.x

import os

from azure.identity import DefaultAzureCredential, get_bearer_token_provider

from crewai import LLM

# Get token and set environment variable (as documented for LiteLLM)

token_provider = get_bearer_token_provider(

DefaultAzureCredential(),

“https://cognitiveservices.azure.com/.default”

)

os.environ[“AZURE_AD_TOKEN”] = token_provider()

# This fails!

llm = LLM(

model=“azure/gpt-4o-mini”,

base_url=“https://my-endpoint.openai.azure.com/”,

api_version=“2024-02-01”

# No api_key - using Azure AD token

)

Expected Behavior

CrewAI should support Azure AD token authentication for Azure OpenAI, as this is the recommended authentication method for enterprise environments using:

Managed Identity (AKS, Azure VMs, Azure Functions)
Azure CLI/PowerShell credentials
Service Principal with certificate

Actual Behavior

ImportError: Error importing native provider: Azure API key is required.

Set AZURE_API_KEY environment variable or pass api_key parameter.

does anyone have any fix for this ?

Topic		Replies	Views
How to use Azure AD token based auth to run crews! CrewAI Community Support crewai	0	26	December 8, 2025
Use of Azure OpenAI token provider CrewAI Community Support	3	332	October 4, 2025
Unable to connect to Azure Open AI using AD token provider CrewAI Community Support agent , task , crewai	1	133	October 1, 2025
Azure OpenAI and CrewAI General crewai	8	4712	December 9, 2024
I need to use Azure OpenAI Gpt-4o-mini API for my crewai agents, I am struggling with errors only and I can;t find Documentation CrewAI Community Support openai , crewai	3	321	May 23, 2025