> For the complete documentation index, see [llms.txt](https://docs.inogic.com/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://docs.inogic.com/next-best-action/configuration/configure-nba-ai-ml-engine.md).

# Configure NBA AI/ML Engine

Follow the steps below to retrieve the required configuration details from the NBA Engine deployment in Azure:

* Navigate to **Managed Applications** and open **NBAEngine**.

<figure><img src="/files/iJ0qFRIExb0VkNGU5D53" alt=""><figcaption></figcaption></figure>

* On the **Overview** page, click **Managed Resource Group**.

<figure><img src="/files/sEVBSUcvYDNxNDjwjwAa" alt=""><figcaption></figcaption></figure>

* In the Managed Resource Group -> click **Resource visualizer** -> locate and open the **Key Vault** resource.

<figure><img src="/files/zln6lspozfBBtPL3qViP" alt=""><figcaption></figcaption></figure>

<figure><img src="/files/Rh7V5Qs6vpt4if4YnMCQ" alt=""><figcaption></figcaption></figure>

* In the Key Vault, navigate to **Objects** → **Secrets**.

  &#x20;

  Locate the following secrets:

  * Client ID
  * Client Secret
  * Tenant ID

<figure><img src="/files/lkwZ9XyTI10ndgxTf177" alt=""><figcaption></figcaption></figure>

* Open each secret individually and copy its value for later use in the configuration.
* Return to the Managed Resource Group and locate the nba-container-app resource.
* Open nba-container-app and, from the Overview page, copy the Application URL.
* Under Security, select **Secrets**.

<figure><img src="/files/FdbNOX0CKZssKu02aKkG" alt=""><figcaption></figcaption></figure>

* Locate the **API Key** and copy its value.
* Click **Create**.

<figure><img src="/files/jdTle9dktsPdzlyTwWcx" alt=""><figcaption></figcaption></figure>

### Locate the Container App and Copy the Endpoint URL

* From the list of resources, open the Container App (example name: nba-container-app).

<figure><img src="/files/2zuXi4mertBws7yFxUHC" alt=""><figcaption></figcaption></figure>

* Inside the Container App, copy the **Application URL** - This is the **endpoint URL that** you will use on the Next Best Action home page to connect the app to the container. **Save this URL** for later.

<figure><img src="/files/KR2vg1owJNUqLziOHKxI" alt=""><figcaption></figcaption></figure>

{% hint style="info" %}
**Note:** The Container App URL contains the container app name you set during deployment; choose that name carefully earlier.
{% endhint %}

### **Container App: Cool-Down Period (Optional Adjustment)**

* (Optional) In the Container App settings, you can change the cool-down period. By default, it’s 900 seconds.
* The cool-down period is the idle timeout after which the container app becomes idle to save costs; a request sent after this idle period may require a few seconds for the app to spin up. Adjust this value based on usage and cost tradeoffs.

<figure><img src="/files/5t41uc4RMVFh6p9wLyTZ" alt=""><figcaption></figcaption></figure>

#### **Add Dataverse (D365) Credentials to Container App Secrets** <a href="#add-dataverse-d365-credentials-to-container-app-secrets" id="add-dataverse-d365-credentials-to-container-app-secrets"></a>

* In the Container App navigate to Security → Secrets. You must add values for the following three secret keys:
* d365-client-id
* d365-client-secret
* d365-tenant-id

These values connect the container app to your Dataverse (Dynamics 365) environment.

[Click here](https://docs.inogic.com/next-best-action/configuration/configure-application-user) to configure Application User.

#### **Fill Container App Secrets with the Three Keys** <a href="#fill-container-app-secrets-with-the-three-keys" id="fill-container-app-secrets-with-the-three-keys"></a>

Return to the **Container App → Security → Secrets**. For each secret key:

Click the secret → click the Edit icon.

<figure><img src="/files/Xw8wcwjLJyPllRAlGL6K" alt=""><figcaption></figcaption></figure>

#### **Copy the Container App API Key** <a href="#copy-the-container-app-api-key" id="copy-the-container-app-api-key"></a>

In the Container App secrets list, copy the api-key value. This API key is the secured authentication key used by **Next Best Action** to talk to the container app. Save this key.

<figure><img src="/files/GpXusWN2rFjCd99tTDzM" alt=""><figcaption></figcaption></figure>

#### **Validate Endpoint & API Key in Next Best Action App** <a href="#validate-endpoint-and-api-key-in-predict4dynamics-app" id="validate-endpoint-and-api-key-in-predict4dynamics-app"></a>

Open the Next Best Action home page. Enter the **Endpoint URL** (container app URL) and the API Key you copied, then click Validate.

On successful validation, you will receive a success notification on the form, then click Save to persist the connection.

**Tip:** If validation fails, re-check that the container app URL is correct and that the API key copied matches exactly; also ensure the container app is running and not idled (cool-down) when testing.

#### **Troubleshooting (Common Issues)** <a href="#troubleshooting-common-issues" id="troubleshooting-common-issues"></a>

* Insufficient subscription / missing permissions: Confirm the Azure subscription is active and you have permissions to create resources (Owner or Contributor role).
* Model/token selection errors: Check that the selected model and token are available in your Azure tenant; if not, choose a supported model/token or provision required resources.
* Managed Resource Group: Use the resource visualizer to confirm all resources were created correctly.
* Cool-Down Period: Default 900s - adjust if frequent cold starts are a problem.
* App Registration Secret Visibility: The client secret value is available only once at creation. Copy and securely store it immediately.
* Tenant Differences: The Azure AD tenant that hosts Dataverse may differ from the tenant where the container app is deployed, ensure you register the app in the correct tenant.
* Permission Scope: Ensure user\_impersonation permission for Dynamics CRM is added and admin consent granted; otherwise, API calls will fail.
* Validation Failures: If Next Best Action validation fails during the endpoint/API key step, check the container app running state, the secrets accuracy, and that the container app endpoint is reachable from your network.


---

# Agent Instructions
This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com.

## Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter, and the optional `goal` query parameter:

```
GET https://docs.inogic.com/next-best-action/configuration/configure-nba-ai-ml-engine.md?ask=<question>&goal=<endgoal>
```

`ask` is the immediate question: it should be specific, self-contained, and written in natural language.
`goal` is optional and describes the broader end goal you are ultimately trying to accomplish on behalf of the user. GitBook uses it to tailor the answer towards what is most useful for that goal.

The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.