Skip to main content

After Deployment

Once deployed, you will receive:

  1. Application URL: the Container App's default FQDN
  2. Setup instructions: for creating your initial admin user
  3. Guidance for API key management: API keys are managed from the application's Integrations page after setup

Optional Post-Deployment Configuration

These can be set up after the initial deployment:

  • Custom domain: If you want the application accessible via your own domain (e.g., docai.yourcompany.com), we provide the Container App's FQDN, you create a CNAME record pointing to it, and we configure the domain binding with automatic SSL.

Updates

Updates are deployed by our team via automated CI/CD. The process:

  1. We tag a new release for your environment
  2. The CI/CD pipeline builds and deploys the new version to your Container App
  3. Azure Container Apps handles zero-downtime rolling updates
  4. You are notified before and after each update

Only application code is updated. Your data, configuration, and infrastructure remain unchanged.

Security

  • The service principal has access only to the resources we create for you
  • OIDC federation means no long-lived secrets are stored in our CI/CD system
  • Blob Storage uses managed identity (no storage keys in application config)
  • All application secrets are stored in your Key Vault instance
  • Every deployment is auditable in GitHub Actions logs
  • You can revoke access at any time by deleting the service principal

FAQ

Can I monitor the application myself?

Yes. Application Insights and Log Analytics are deployed in your resource group. You have full access to logs, metrics, and alerts in the Azure Portal. See Application Logs for details on shared log access.

What happens if I revoke the service principal?

We lose the ability to deploy updates. The application continues to run with the last deployed version. You can re-grant access at any time by creating a new service principal.

What Azure regions are supported?

Any region that supports Azure Container Apps, Azure Managed Redis, and Azure Container Registry. Most major regions are supported.

Can I use my existing Azure OpenAI deployment?

Yes. Provide the endpoint URL and API key, and we'll configure the application to use your existing deployment. Multiple endpoints are supported for load balancing.