Error code: 400 when running General purpose Fluency evaluators

Justin Obanor 40 Reputation points
2026-06-22T19:13:37.83+00:00

Using the sample sample_fluency.py from azure-sdk-for-python at sdk/ai/azure-ai-projects/samples/evaluations/agentic_evaluators/sample_fluency.py, client.evals.create() succeeds but client.evals.runs.create() fails with:

BadRequestError: Error code: 400 - {'error': {'code': 'UserError', 'severity': None, 'message': 'The action cannnot be finished with reason Forbidden', 'messageFormat': 'The action cannnot be finished with reason {error}', 'messageParameters': {'error': 'Forbidden'}, 'referenceCode': None, 'detailsUri': None, 'target': None, 'details': [], 'innerError': {'code': 'UnauthorizedUserAction', 'innerError': None}, 'debugInfo': None, 'additionalInfo': None}, 'correlation': {'operation': 'e9a6cfb5f254b4298cc505acf31ed58c', 'request': '57fc69d1782fbf76'}, 'environment': 'eastus2', 'location': 'eastus2', 'time': '2026-06-22T18:35:59.0328447+00:00', 'componentName': 'raisvc', 'statusCode': 400}

The failure occurs only when creating the evaluation run.

The identity executing the code has the Foundry User role assigned on the Azure AI Foundry resource. I also assigned Foundry User to the project managed identity on the project level.

Inference works successfully using:

client.chat.completions.create(...)

with the same project and model deployment.

Is there additional RBAC required specifically for Evaluation Runs? Or any thing else that might be cauing the RequestError

Microsoft Foundry
Microsoft Foundry

A unified Azure platform for creating and managing AI models, agents, and applications with built‑in enterprise security, monitoring, and governance


Answer accepted by question author

Anshika Varshney 14,085 Reputation points Microsoft External Staff Moderator
2026-06-22T20:13:18.21+00:00

Hello @Justin Obanor

Based on the error details and Microsoft's documentation, the issue is likely network restrictions on your Azure AI Foundry account, not missing RBACroles.

Primary Cause: Network Restrictions Blocking raisvc

The error mentions raisvc (the evaluation backend service) and shows "Forbidden" - Microsoft has confirmed this exact issue occurs when the Foundry account uses Selected Networks network restrictions: [learn.microsoft]

  • Evaluation works when networkAcls.defaultAction = Allow
  • Evaluation fails when networkAcls.defaultAction = Deny (even with bypass = AzureServices)

The evaluation backend service cannot reach your restricted resources, even though inference works (your direct chat.completions.create call uses a different path).

Solution Steps

1. Check Network Configuration

bash
az cognitive services account show \
  --resource-group <your-resource-group> \
  --name <your-foundry-account-name> \
  --query "networkAcls"

2. Temporary Test: Enable Public Access

Temporarily set defaultAction to Allow to confirm this is the issue:

bash
az cognitive services account update \
  --resource-group <your-resource-group> \
  --name <your-foundry-account-name> \
  --bypass AzureServices \
  --default-action Allow

If evaluations work after this, network restrictions are confirmed as the cause.

3. Permanent Fix: Add Required Service Endpoints

Instead of fully disabling restrictions, add the evaluation service to your permitted networks:

  • Find the evaluation backend service endpoint
  • Add it to your network ACLs' allowed IPs/vnets
  • Or use a private endpoint configuration for evaluations

Secondary Checks (if network isn't the issue)

RBAC Requirements for Evaluation Runs:

While Foundry User should work, verify these minimum roles on the project:

  • Azure AI Foundry User (you have this)
  • Cognitive Services OpenAI User (if using Azure OpenAI)
  • Storage Blob Data Contributor on the storage account (for Entra ID auth)

Storage Account Configuration:

If using Entra ID authentication for storage:

bash
# Verify managed identity has Storage Blob Data Contributor

The storage account must also have publicNetworkAccess = Enabled.

Start with the network restriction check, this matches your exact error pattern (create succeeds, runs.create fails with raisvc/Forbidden) and is the most common cause per Microsoft's recent reports.

I Hope this helps. Do let me know if you have any further queries.
Thankyou!

Was this answer helpful?

1 person found this answer helpful.
0 comments No comments

1 additional answer

Sort by: Most helpful
  1. Alex Burlachenko 23,170 Reputation points MVP Volunteer Moderator
    2026-06-25T12:07:17.4566667+00:00

    hi Justin Obanor & thx for sharing urs issue here at Q&A portal,

    inference is allowed, but the eval runtime path is blocked.

    client.evals.create() only creates the eval definition. client.evals.runs.create() actually kicks off the evaluator job, and that can hit extra Foundry/RAI service permissions behind the scenes. The clue is componentName: raisvc + UnauthorizedUserAction.

    Foundry User may be enough for normal project usage/inference, but eval runs can need broader project/resource perms, esp if the run has to read data, access model deployment, write eval outputs, or call RAI/evaluation services.

    Try to do a quick test give the executing identity Azure AI Developer on the project or Foundry resource, not only Foundry User, then retry. If it works, u have the answer eval runs need more than the current role grants. https://learn.microsoft.com/en-us/azure/ai-foundry/concepts/rbac-azure-ai-foundry Also make sure the project managed identity has access to whatever the eval run uses: model deployment, storage/data asset, connection, and any workspace/project resources. Inference working from the client doesn’t prove the service-side eval job identity can access those deps. Since the error is thrown by raisvc, I’d include the operation/request IDs in a support ticket if RBAC change doesn’t fix it operation: e9a6cfb5f254b4298cc505acf31ed58c & request: 57fc69d1782fbf76

    My guess not a bad sample file. More likely eval run authorization is stricter than chat inference, and the backend is returning a bad 400 wrapper around what is really a forbidden action.

    rgds,

    Alex

    &

    If my answer was helpful pls mark it and additional thx if u follow me at Q&A portal 
    and at my blog https://ctrlaltdel.blog/
    

    Was this answer helpful?

    0 comments No comments

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.