DEV Community

CodeKing
CodeKing

Posted on

"My Company Has Azure OpenAI. My AI Coding Tools Had No Idea What to Do With It."

#ai #webdev #javascript #tutorial

My company's Azure OpenAI deployment has been running for eight months. Enterprise-grade security controls, compliance logging, the whole setup. Every team that needs AI API access routes through it.

Every team except the ones using AI coding tools.

Claude Code talks Anthropic protocol. Codex CLI talks OpenAI protocol, but to the public endpoint. Azure OpenAI is a different enough target that just pointing the tools at it doesn't work — and the error messages are not helpful when it silently fails.

What Makes Azure OpenAI Different

If you've only used the direct OpenAI or Anthropic APIs, Azure OpenAI looks similar at first glance. It's still a REST API, still returns completions. But the differences compound quickly when you're trying to make a proxy work:

Endpoint format is different. Instead of api.openai.com, you have a resource-specific URL:

https://your-resource-name.openai.azure.com
Enter fullscreen mode Exit fullscreen mode

Models are replaced by deployments. You don't call gpt-4o. You call a deployment — an instance you created in the Azure portal that points to a model. The deployment name is arbitrary (my-gpt4-deployment, prod-coding-model). Your code has to know it.

API version is required. Every request needs a ?api-version=2024-10-21 query parameter (or similar). Miss it and the request fails with a cryptic error.

JSON Schema rules are stricter. Azure OpenAI's tool definition validation rejects things the direct OpenAI API accepts — $schema, $id, definitions fields, const values. If your tool definitions contain any of these (and Claude Code's do), requests fail silently.

That last one took me an embarrassingly long time to figure out.

The Translation Problem

Claude Code sends requests in Anthropic's Messages API format. Azure OpenAI accepts OpenAI's Responses API format. Between those two surfaces there's:

  • A message format translation (Anthropic content blocks → OpenAI messages)
  • Tool definition translation (Anthropic tool schema → Azure-safe OpenAI tool schema)
  • Response translation back (OpenAI completion → Anthropic-format streaming response)
  • Schema sanitization that strips the fields Azure rejects and converts const to enum

The sanitization step is the one that actually makes things work. Claude Code includes hosted tool definitions with JSON Schema features that Azure's stricter validator rejects. The proxy strips $schema, $id, $defs, $comment, definitions, and examples fields, and converts const: value to enum: [value] before forwarding. Azure accepts the result.

Setting It Up in CliGate

CliGate now supports Azure OpenAI as a native key type. In the API Keys tab, add a new key and select Azure OpenAI as the provider. You'll fill in four fields:

  • API Key — your Azure OpenAI resource key from the Azure portal
  • Base URLhttps://your-resource-name.openai.azure.com
  • Deployment Name — the name you gave your deployment in Azure (e.g. gpt4o-prod)
  • API Version — e.g. 2024-10-21

Once saved, that key appears in your routing options. You can assign it as the backend for Claude Code, Codex CLI, or the chat UI — or let the router pick it based on priority settings.

From Claude Code's perspective, nothing changes. You're still hitting localhost:8081 with Anthropic credentials. The proxy handles the translation, the schema cleaning, the deployment name injection, and the API version parameter. The response comes back in valid Anthropic streaming format.

Why This Matters for Enterprise Teams

The practical upshot: your AI coding tools now route through your company's Azure deployment.

That means:

  • Requests flow through your company's network controls and compliance logging
  • You're not using personal API keys or personal accounts for work
  • Usage appears in your Azure portal dashboards alongside other company AI usage
  • The content controls and safety policies your company configured in Azure apply

For teams where "just use the public API with your personal key" isn't an acceptable answer — because it usually isn't on enterprise projects — this closes a gap that's been annoying for a while.

One Thing to Watch

Azure OpenAI deployments have their own rate limits, set at the deployment level in the Azure portal. If you're routing multiple AI coding tools through a single deployment, you can hit those limits quickly during intensive sessions. The proxy handles failover to other keys if you've configured them, but it's worth sizing your deployment quota for the team's expected usage before you roll this out.

The Azure OpenAI provider in CliGate is part of the open-source release: github.com/codeking-ai/cligate

If you're in an enterprise setup and have gotten AI coding tools working through your company's infrastructure — curious how you handled it. Azure, on-prem, something else?

Top comments (0)