* Replace Role and FinishReason classes with NewType + Literal
- Remove EnumLike metaclass from _types.py
- Replace Role class with NewType('Role', str) + RoleLiteral
- Replace FinishReason class with NewType('FinishReason', str) + FinishReasonLiteral
- Update all usages across codebase to use string literals
- Remove .value access patterns (direct string comparison now works)
- Add backward compatibility for legacy dict serialization format
- Update tests to reflect new string-based types
Addresses #3591, #3615
* Simplify ChatResponse and AgentResponse type hints (#3592)
- Remove overloads from ChatResponse.__init__
- Remove text parameter from ChatResponse.__init__
- Remove | dict[str, Any] from finish_reason and usage_details params
- Remove **kwargs from AgentResponse.__init__
- Both now accept ChatMessage | Sequence[ChatMessage] | None for messages
- Update docstrings and examples to reflect changes
- Fix tests that were using removed kwargs
- Fix Role type hint usage in ag-ui utils
* Remove text parameter from ChatResponseUpdate and AgentResponseUpdate (#3597)
- Remove text parameter from ChatResponseUpdate.__init__
- Remove text parameter from AgentResponseUpdate.__init__
- Remove **kwargs from both update classes
- Simplify contents parameter type to Sequence[Content] | None
- Update all usages to use contents=[Content.from_text(...)] pattern
- Fix imports in test files
- Update docstrings and examples
* Rename from_chat_response_updates to from_updates (#3593)
- ChatResponse.from_chat_response_updates โ ChatResponse.from_updates
- ChatResponse.from_chat_response_generator โ ChatResponse.from_update_generator
- AgentResponse.from_agent_run_response_updates โ AgentResponse.from_updates
* Remove try_parse_value method from ChatResponse and AgentResponse (#3595)
- Remove try_parse_value method from ChatResponse
- Remove try_parse_value method from AgentResponse
- Remove try_parse_value calls from from_updates and from_update_generator methods
- Update samples to use try/except with response.value instead
- Update tests to use response.value pattern
- Users should now use response.value with try/except for safe parsing
* Add agent_id to AgentResponse and clarify author_name documentation (#3596)
- Add agent_id parameter to AgentResponse class
- Document that author_name is on ChatMessage objects, not responses
- Update ChatResponse docstring with author_name note
- Update AgentResponse docstring with author_name note
* Simplify ChatMessage.__init__ signature (#3618)
- Make contents a positional argument accepting Sequence[Content | str]
- Auto-convert strings in contents to TextContent
- Remove overloads, keep text kwarg for backward compatibility with serialization
- Update _parse_content_list to handle string items
- Update all usages across codebase to use new format: ChatMessage("role", ["text"])
* Allow Content as input on run and get_response
- Update prepare_messages and normalize_messages to accept Content
- Update type signatures in _agents.py and _clients.py
- Add tests for Content input handling
* Fix ChatMessage usage across packages and samples
Update all remaining ChatMessage(role=..., text=...) to use new
ChatMessage('role', ['text']) signature.
* Fix Role string usage and response format parsing
- Fix redis provider: remove .value access on string literals
- Fix durabletask ensure_response_format: set _response_format before accessing .value
* Fix ollama .value and ai_model_id issues, handle None in content list
- Fix ollama _chat_client: remove .value on string literals
- Fix ollama _chat_client: rename ai_model_id to model_id
- Fix _parse_content_list: skip None values gracefully
* Fix A2AAgent type signature to include Content
* Fix Role/FinishReason NewType dict annotations and improve test coverage to 95%
* Fix mypy errors for Role/FinishReason NewType usage
* Fix Role.TOOL and Role.ASSISTANT usage in _orchestrator_helpers.py
* Fix Role NewType usage in durabletask _models.py
Purview Policy Enforcement Sample (Python)
This getting-started sample shows how to attach Microsoft Purview policy evaluation to an Agent Framework ChatAgent using the middleware approach.
What this sample demonstrates:
- Configure an Azure OpenAI chat client
- Add Purview policy enforcement middleware (
PurviewPolicyMiddleware) - Add Purview policy enforcement at the chat client level (
PurviewChatPolicyMiddleware) - Implement a custom cache provider for advanced caching scenarios
- Run conversations and observe prompt / response blocking behavior
Note: Caching is automatic and enabled by default with sensible defaults (30-minute TTL, 200MB max size).
1. Setup
Required Environment Variables
| Variable | Required | Purpose |
|---|---|---|
AZURE_OPENAI_ENDPOINT |
Yes | Azure OpenAI endpoint (https://.openai.azure.com) |
AZURE_OPENAI_DEPLOYMENT_NAME |
Optional | Model deployment name (defaults inside SDK if omitted) |
PURVIEW_CLIENT_APP_ID |
Yes* | Client (application) ID used for Purview authentication |
PURVIEW_USE_CERT_AUTH |
Optional (true/false) |
Switch between certificate and interactive auth |
PURVIEW_TENANT_ID |
Yes (when cert auth on) | Tenant ID for certificate authentication |
PURVIEW_CERT_PATH |
Yes (when cert auth on) | Path to your .pfx certificate |
PURVIEW_CERT_PASSWORD |
Optional | Password for encrypted certs |
2. Auth Modes Supported
A. Interactive Browser Authentication (default)
Opens a browser on first run to sign in.
$env:AZURE_OPENAI_ENDPOINT = "https://your-openai-instance.openai.azure.com"
$env:PURVIEW_CLIENT_APP_ID = "00000000-0000-0000-0000-000000000000"
B. Certificate Authentication
For headless / CI scenarios.
$env:PURVIEW_USE_CERT_AUTH = "true"
$env:PURVIEW_TENANT_ID = "<tenant-guid>"
$env:PURVIEW_CERT_PATH = "C:\path\to\cert.pfx"
$env:PURVIEW_CERT_PASSWORD = "optional-password"
Certificate steps (summary): create / register entra app, generate certificate, upload public key, export .pfx with private key, grant required Graph / Purview permissions.
3. Run the Sample
From repo root:
cd python/samples/getting_started/purview_agent
python sample_purview_agent.py
If interactive auth is used, a browser window will appear the first time.
4. How It Works
The sample demonstrates three different scenarios:
A. Agent Middleware (run_with_agent_middleware)
- Builds an Azure OpenAI chat client (using the environment endpoint / deployment)
- Chooses credential mode (certificate vs interactive)
- Creates
PurviewPolicyMiddlewarewithPurviewSettings - Injects middleware into the agent at construction
- Sends two user messages sequentially
- Prints results (or policy block messages)
- Uses default caching automatically
B. Chat Client Middleware (run_with_chat_middleware)
- Creates a chat client with
PurviewChatPolicyMiddlewareattached directly - Policy evaluation happens at the chat client level rather than agent level
- Demonstrates an alternative integration point for Purview policies
- Uses default caching automatically
C. Custom Cache Provider (run_with_custom_cache_provider)
- Implements the
CacheProviderprotocol with a custom class (SimpleDictCacheProvider) - Shows how to add custom logging and metrics to cache operations
- The custom provider must implement three async methods:
async def get(self, key: str) -> Any | Noneasync def set(self, key: str, value: Any, ttl_seconds: int | None = None) -> Noneasync def remove(self, key: str) -> None
Policy Behavior:
Prompt blocks set a system-level message: Prompt blocked by policy and terminate the run early. Response blocks rewrite the output to Response blocked by policy.
5. Code Snippets
Agent Middleware Injection
agent = ChatAgent(
chat_client=chat_client,
instructions="You are good at telling jokes.",
name="Joker",
middleware=[
PurviewPolicyMiddleware(credential, PurviewSettings(app_name="Sample App"))
],
)
Custom Cache Provider Implementation
This is only needed if you want to integrate with external caching systems.
class SimpleDictCacheProvider:
"""Custom cache provider that implements the CacheProvider protocol."""
def __init__(self) -> None:
self._cache: dict[str, Any] = {}
async def get(self, key: str) -> Any | None:
"""Get a value from the cache."""
return self._cache.get(key)
async def set(self, key: str, value: Any, ttl_seconds: int | None = None) -> None:
"""Set a value in the cache."""
self._cache[key] = value
async def remove(self, key: str) -> None:
"""Remove a value from the cache."""
self._cache.pop(key, None)
# Use the custom cache provider
custom_cache = SimpleDictCacheProvider()
middleware = PurviewPolicyMiddleware(
credential,
PurviewSettings(app_name="Sample App"),
cache_provider=custom_cache,
)