Python: [Bug]: Foundry Hosted Agent from_agent_framework removes Authorization Header disabling OBO possibilities

[ashishmundra4001]

Description

Issue: Authorization Header Not Passed to Agent Framework Hosting Adapter

We are hosting an Agent in Foundry using the Hosted Agent model. The implementation follows the sample at:
[foundry-samples/samples/python/hosted-agents/agent-framework/agent-with-foundry-tools/main.py](https://github.com/microsoft-foundry/foundry-samples/blob/main/samples/python/hosted-agents/agent-framework/agent-with-foundry-tools/main.py), which relies on the HostingAdapter from_agent_framework.

Currently, I’ve observed that metadata sent via the /responses API is surfaced in AgentContext.agent._request_headers. However, this does not include the OAuth token provided in the Authorization header.

This omission is problematic because:

• Our Agent needs to call downstream APIs that are OAuth-protected and require user context.
• The ideal flow is to obtain an OBO (On-Behalf-Of) token from the original incoming token.
• Without access to the Authorization header, OBO cannot be performed, which makes Agents unsuitable for production scenarios requiring user-context delegation.

A possible workaround is to ask callers to include the OAuth token in the /responses metadata field. However, this is non-standard and insecure, since callers could spoof arbitrary tokens.

Proposed Fix

The Agent Framework Hosting Adapter should be updated to forward the Authorization header token into the Agent middleware. This would enable Agents to:

• Retrieve OBO tokens from the original incoming token.
• Use those OBO tokens to securely call downstream APIs and MCP servers.

Code Sample

You can take this codebase - https://github.com/microsoft-foundry/foundry-samples/blob/main/samples/python/hosted-agents/agent-framework/agent-with-foundry-tools/main.py

And this middleware codebase where Authorization header is not injected - https://github.com/microsoft/agent-framework/blob/fcdaaff9cd32a410c51fb0bfa0080d277cbcab81/python/samples/02-agents/middleware/agent_and_run_level_middleware.py

Error Messages / Stack Traces

Unable to extract Authorization header.

Package Versions

Latest

Python Version

Python 3.12

Additional Context

No response

[eavanvalkenburg]

Thanks for the detailed report! After investigating the request flow, this issue originates in the Azure SDK hosting layer rather than in the agent-framework itself.

Where the problem is

The fix belongs in azure-ai-agentserver-agentframework (and its dependency azure-ai-agentserver-core):

1. AgentRunContextMiddleware.dispatch() in azure-ai-agentserver-core receives the full Starlette Request (which includes all HTTP headers), but currently only extracts X-Request-Id — it ignores the Authorization header entirely.
2. AgentRunContext.__init__() only stores the JSON body payload; it has no awareness of HTTP headers.
3. AgentFrameworkCBAgent.agent_run() in azure-ai-agentserver-agentframework calls self.agent.run(message) with only the converted message — no auth context, no metadata, no client_kwargs.

Why agent-framework is already equipped for this

The agent-framework Agent.run() already supports passing arbitrary data via function_invocation_kwargs and client_kwargs, and AgentContext.metadata is specifically designed for middleware to share data like auth tokens. No changes are needed on this side.

Suggested fix (in the Azure SDK repo)

1. AgentRunContext (or runs_endpoint) should capture the Authorization header from the incoming HTTP request.
2. AgentFrameworkCBAgent.agent_run() should forward it to self.agent.run(message, client_kwargs={"authorization": token}) so it lands in AgentContext.

Next step

Could you please open an issue against Azure/azure-sdk-for-python targeting the azure-ai-agentserver-agentframework / azure-ai-agentserver-core packages? That team owns the hosting adapter code that needs the change.

[ashishmundra4001]

Thanks much for looking into this. Highly appreciate your quick response.