Microsoft Foundry is one of the most ambitious enterprise AI platforms currently available. It is not a single product — it is an end-to-end factory for designing, building, evaluating, deploying and governing AI applications and agents at scale. Understanding it properly requires understanding both what it is and how its pieces fit together.
This post is a comprehensive technical and strategic deep dive. Whether you are an architect evaluating enterprise AI platforms, an engineering lead planning your AI roadmap, or a technology director trying to understand what Microsoft's AI strategy means for your organisation, this guide is for you.
What Is Microsoft Foundry?
Microsoft Foundry — formerly Azure AI Studio, then Azure AI Foundry — was rebranded in November 2025 as part of Microsoft Ignite. The name change was not cosmetic. It reflected a deliberate repositioning of the platform as the third pillar of Microsoft's enterprise cloud, sitting alongside Microsoft 365 and Microsoft Fabric.
The clearest way to understand Foundry's place in the ecosystem is this: Microsoft 365 is where knowledge workers use AI. Fabric is where data teams build analytical AI. Foundry is where developers and architects build, deploy and govern production AI applications and agents.
It is, in Microsoft's own words, an "AI app and agent factory" — a unified workspace that takes you from model selection all the way through to production monitoring, with enterprise security, compliance and governance throughout.
The Architecture
The Control Plane
Foundry's architecture is built around a Control Plane — a centralised gateway through which all AI traffic routes. Rather than leaving disparate model endpoints, evaluation tools and agent runtimes to operate independently, the Foundry Gateway acts as the single point of:
- Identity and security — Entra ID (formerly Azure Active Directory) RBAC, managed identity, and private networking
- Dynamic routing — traffic can be directed across model deployments, regions and providers
- Observability — all requests, completions, token usage and trace data are aggregated in one place, feeding into Azure Monitor
This means that from day one of a Foundry deployment, you have production-grade observability and security — not as something bolted on later, but as a structural property of the platform.
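To make the gateway pattern concrete, here is a minimal sketch of a control plane in Python: one entry point that enforces an identity allow-list, routes to a healthy deployment, and records usage for observability. All names here (`Deployment`, `Gateway`, the routing policy) are hypothetical illustrations, not Foundry's actual API.

```python
from dataclasses import dataclass, field

@dataclass
class Deployment:
    """A hypothetical model deployment behind the gateway."""
    name: str
    region: str
    healthy: bool = True

@dataclass
class Gateway:
    """Minimal control-plane sketch: one entry point that checks identity,
    routes requests, and aggregates usage data in one place."""
    deployments: list[Deployment]
    allowed_callers: set[str] = field(default_factory=set)
    log: list[dict] = field(default_factory=list)

    def route(self, caller: str, prompt: str) -> str:
        if caller not in self.allowed_callers:
            raise PermissionError(f"{caller} is not authorised")
        # Pick the first healthy deployment; real routing would also
        # weigh latency, cost, region and provider.
        target = next(d for d in self.deployments if d.healthy)
        self.log.append({"caller": caller, "deployment": target.name,
                         "tokens": len(prompt.split())})
        return target.name

gw = Gateway(
    deployments=[Deployment("gpt-4o-eu", "westeurope", healthy=False),
                 Deployment("gpt-4o-us", "eastus")],
    allowed_callers={"orders-app"},
)
print(gw.route("orders-app", "Summarise this invoice"))  # gpt-4o-us
```

Because every request passes through one `route` call, security checks and usage logging are structural, not optional — which is the point the control-plane design makes.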
Projects and Hubs
Foundry organises work into Hubs (shared infrastructure resources for a team or organisation) and Projects (individual AI applications or workstreams within a hub). A hub manages shared assets: model deployments, connections to data sources, compute resources and governance policies. Projects inherit from the hub but can have their own configurations.
This structure maps cleanly onto enterprise team organisation: a hub per business unit or platform team, with projects for individual applications or agents.
The Model Ecosystem
One of Foundry's most significant advantages is the breadth of its model catalogue. This is not just Azure OpenAI — it is one of the most comprehensive collections of frontier models available in a single enterprise platform.
OpenAI Models
- GPT-5.2 — generally available on Foundry, built for multi-step problem solving, long-context understanding and agentic tool-calling
- GPT-4o and variants — the workhorse models for most production applications
- o3 and o3-mini — advanced reasoning models for complex analytical tasks
- GPT-image-1.5 — image generation at 4× the speed of previous generations
- Sora 2 — video generation, now in public preview
Anthropic Models
Foundry now offers the full Claude family — Haiku 4.5, Sonnet 4.5 and Opus 4.1 — making Azure one of the few enterprise platforms with both OpenAI and Anthropic frontier models in a single, governed environment. This matters because different models have different strengths, and production applications often benefit from routing different tasks to different models.
Open and Third-Party Models
- Meta Llama — multiple versions, available for fine-tuning and private deployment
- Mistral — strong for European data residency requirements
- Kimi-K2 Thinking — with a 256K context window, suitable for very long document analysis
- Cohere, JAIS, and others — specialist models for specific use cases
The model catalogue is updated continuously. Foundry's model comparison tooling lets teams benchmark models against their own datasets and evaluation criteria before committing to a deployment.
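The benchmark-before-you-commit workflow looks roughly like this in miniature. The stub "models" and the exact-match metric are stand-ins — Foundry's comparison tooling uses richer evaluators — but the shape of the loop is the same: run every candidate over your own labelled dataset and compare scores.

```python
from typing import Callable

def benchmark(models: dict[str, Callable[[str], str]],
              dataset: list[tuple[str, str]]) -> dict[str, float]:
    """Score each candidate model on (input, expected-output) pairs.
    Exact-match accuracy stands in for richer quality metrics."""
    scores = {}
    for name, model in models.items():
        correct = sum(model(x) == expected for x, expected in dataset)
        scores[name] = correct / len(dataset)
    return scores

# Stub models so the sketch runs without any API calls.
dataset = [("2+2", "4"), ("capital of France", "Paris")]
models = {
    "model-a": lambda q: "4" if "+" in q else "Paris",
    "model-b": lambda q: "4",
}
print(benchmark(models, dataset))  # {'model-a': 1.0, 'model-b': 0.5}
```

In practice each callable would wrap a deployed model endpoint, and the dataset would be drawn from your own domain rather than toy questions.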
Core Capabilities
1. Foundry Agent Service
The Foundry Agent Service is the platform's answer to production-grade autonomous agents. Released to general availability in early 2026, it provides a fully managed runtime for deploying AI agents with:
- Hosted Agents — fully managed agent execution with no infrastructure to maintain
- Multi-Agent Workflows — orchestrate multiple specialised agents working in parallel on complex tasks such as employee onboarding, financial approvals or contract analysis
- Tool integrations — the Foundry Tools tab provides a single entry point for connecting agents to over 1,400 business systems, including Microsoft 365, Dynamics, SAP, Salesforce and custom APIs
- Enterprise security — private networking, Entra RBAC, and full tracing built in from the start
Multi-agent workflows represent a meaningful shift in what is possible. Rather than a single agent attempting to do everything, Foundry enables architectures where a coordinating agent delegates subtasks to specialist agents — one for data retrieval, one for analysis, one for communication — and aggregates the results.
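The coordinator-and-specialists pattern described above can be sketched as follows. The "agents" here are plain functions standing in for model-backed agents; the fan-out/aggregate structure is the illustrative part:

```python
from concurrent.futures import ThreadPoolExecutor

# Hypothetical specialist agents; in a real system each would wrap
# its own model deployment and tool set.
def retrieval_agent(task: str) -> str:
    return f"documents relevant to {task}"

def analysis_agent(task: str) -> str:
    return f"risk analysis of {task}"

def coordinator(task: str) -> str:
    """Fan subtasks out to specialists in parallel, then aggregate
    their results into a single response."""
    specialists = [retrieval_agent, analysis_agent]
    with ThreadPoolExecutor() as pool:
        results = list(pool.map(lambda agent: agent(task), specialists))
    return " | ".join(results)

print(coordinator("the Q3 supplier contract"))
```

The design benefit is separation of concerns: each specialist can be evaluated, versioned and governed independently, while the coordinator owns only the delegation and aggregation logic.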
2. Foundry IQ (Retrieval-Augmented Generation)
Foundry IQ integrates Azure AI Search to give agents and applications RAG-powered access to enterprise data sources. Rather than relying on a model's training data, Foundry IQ enables agents to query internal documents, databases, SharePoint libraries, and structured data stores in real time.
The platform handles chunking, embedding, indexing and retrieval — with configurable search strategies (semantic, hybrid, keyword) and relevance tuning. For most enterprise applications, this is the capability that makes AI genuinely useful: connecting models to your organisation's actual knowledge.
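The chunk-embed-retrieve loop that Foundry IQ manages for you can be shown end to end in a toy form. The bag-of-words "embedding" and fixed-size chunking below are deliberate simplifications of what a real RAG stack does:

```python
import math
from collections import Counter

def chunk(text: str, size: int = 8) -> list[str]:
    """Split a document into fixed-size word chunks (production systems
    use token-aware, overlapping chunking)."""
    words = text.split()
    return [" ".join(words[i:i + size]) for i in range(0, len(words), size)]

def embed(text: str) -> Counter:
    """Bag-of-words stand-in for a learned embedding vector."""
    return Counter(text.lower().split())

def cosine(a: Counter, b: Counter) -> float:
    dot = sum(a[t] * b[t] for t in a)
    norm = (math.sqrt(sum(v * v for v in a.values()))
            * math.sqrt(sum(v * v for v in b.values())))
    return dot / norm if norm else 0.0

def retrieve(query: str, chunks: list[str], k: int = 1) -> list[str]:
    """Return the k chunks most similar to the query."""
    q = embed(query)
    return sorted(chunks, key=lambda c: cosine(q, embed(c)), reverse=True)[:k]

doc = ("The expense policy caps travel claims at 500 euros. "
       "Annual leave requests must be approved by a line manager.")
chunks = chunk(doc)
print(retrieve("what is the travel claim limit", chunks))
```

Swapping `embed` for a real embedding model and `chunks` for an Azure AI Search index gives you the same pipeline at production scale — which is exactly the plumbing the platform abstracts away.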
3. Deep Research Agent
The Deep Research Agent — currently in public preview — uses OpenAI's o3-deep-research model to automate complex, multi-step web and knowledge base research. Rather than returning a single answer, it plans a research strategy, executes multiple searches, synthesises findings and produces structured reports with citations.
For use cases such as competitive analysis, regulatory research, due diligence and technical investigation, this represents a significant productivity multiplier.
4. Prompt Flow
Prompt Flow is Foundry's visual orchestration tool for building complex AI pipelines. It allows teams to:
- Chain together LLM calls, retrieval steps, code execution and external API calls
- Visualise the full execution graph of an AI application
- Debug individual nodes in a pipeline
- Version and deploy flows as managed endpoints
Prompt Flow is particularly valuable for teams building multi-step applications — customer service agents that retrieve context before responding, document processing pipelines, or research workflows — where the logic is too complex to express as a single prompt.
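The retrieve-then-respond shape of such a flow can be sketched as a list of named nodes run in order, with each node's output logged so the pipeline can be inspected step by step — the textual equivalent of the visual graph. The node names and step logic are hypothetical:

```python
from typing import Callable

Step = Callable[[dict], dict]

def run_flow(steps: list[tuple[str, Step]], state: dict) -> dict:
    """Run named steps in sequence, logging each node's output so
    individual nodes can be debugged in isolation."""
    for name, step in steps:
        state = step(state)
        print(f"[{name}] -> {state}")
    return state

# Hypothetical three-node flow: retrieve context, call a model, format.
flow = [
    ("retrieve", lambda s: {**s, "context": f"docs about {s['question']}"}),
    ("generate", lambda s: {**s, "answer": f"Based on {s['context']}: ..."}),
    ("format",   lambda s: {**s, "output": s["answer"].strip()}),
]
result = run_flow(flow, {"question": "refund policy"})
```

A real flow would replace the lambdas with LLM calls, retrieval queries and code nodes, and deploy the whole graph as a managed endpoint.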
5. Evaluation Framework
Evaluation is one of Foundry's strongest differentiators. The platform provides a comprehensive, continuous evaluation framework covering:
Quality metrics — groundedness, coherence, fluency, relevance, and similarity, measured automatically against test datasets.
Safety metrics — detection of harmful content, bias, policy violations and prompt injection, using Microsoft's responsible AI evaluators.
Custom evaluators — teams can define their own evaluation logic using code or LLM-as-judge approaches, making the framework adaptable to domain-specific quality requirements.
Continuous production monitoring — evaluation runs not just at development time but continuously in production, with results piped into Azure Monitor, where alerts can be configured. This means quality regressions in deployed applications are detected automatically rather than discovered through user complaints.
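To illustrate what a groundedness metric measures, here is a deliberately crude word-overlap version: it checks what fraction of answer sentences are supported by the retrieved context. Foundry's actual evaluator is model-based; this sketch only conveys the idea.

```python
def groundedness(answer: str, context: str) -> float:
    """Fraction of answer sentences whose words mostly appear in the
    context. A crude stand-in for a model-based groundedness evaluator."""
    ctx = set(context.lower().split())
    sentences = [s.strip() for s in answer.split(".") if s.strip()]
    supported = sum(
        1 for s in sentences
        if len(set(s.lower().split()) & ctx) / max(len(s.split()), 1) >= 0.5
    )
    return supported / len(sentences) if sentences else 0.0

context = "The warranty period is two years from date of purchase."
good = "The warranty period is two years."
bad  = "Refunds are issued within thirty days."
print(groundedness(good, context), groundedness(bad, context))  # 1.0 0.0
```

Running a function like this over a sample of production traffic, and alerting when the score drifts, is the essence of continuous quality evaluation.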
6. Responsible AI
Responsible AI is built into Foundry as a first-class capability, not an afterthought:
- Content Safety — Azure AI Content Safety filters are available at every model endpoint, with configurable severity thresholds per category (hate speech, violence, self-harm, sexual content)
- Groundedness detection — identifies when a model generates responses not supported by the retrieved context
- Safety system messages — templates for common responsible AI configurations that teams can apply consistently across deployments
- Fairness and inclusiveness assessments — evaluation metrics specifically designed to surface bias in model outputs
For regulated industries — financial services, healthcare, government — these capabilities are not nice-to-haves. They are prerequisites for production deployment.
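The per-category severity-threshold model behind content filtering can be sketched in a few lines. The 0-7 scale mirrors Azure AI Content Safety's severity levels, but the threshold values and scoring dictionary here are purely illustrative:

```python
# Hypothetical per-category severity thresholds (0-7 scale, loosely
# mirroring Azure AI Content Safety severity levels; values illustrative).
THRESHOLDS = {"hate": 2, "violence": 4, "self_harm": 0, "sexual": 2}

def allowed(scores: dict[str, int],
            thresholds: dict[str, int] = THRESHOLDS) -> bool:
    """Block a response if any category's severity exceeds its threshold.
    Missing categories default to severity 0."""
    return all(scores.get(cat, 0) <= limit for cat, limit in thresholds.items())

print(allowed({"hate": 0, "violence": 3}))  # True
print(allowed({"self_harm": 1}))            # False
```

Configurable thresholds per category are what let a bank and a games studio run very different policies on the same underlying classifier.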
Enterprise Security and Governance
Foundry's enterprise security posture is mature:
- Private networking — deployments can be fully isolated within a private virtual network, with no public internet exposure
- Customer-managed keys — encryption at rest using keys held in Azure Key Vault
- Entra ID RBAC — fine-grained role-based access control across hubs, projects, model deployments and data connections
- Audit logging — all API calls, model invocations and configuration changes are logged to Azure Monitor
- Data residency — regional deployments with data residency guarantees for GDPR and other regulatory requirements
- Compliance certifications — SOC 2, ISO 27001, HIPAA, FedRAMP (government cloud)
Pricing
Foundry's pricing is consumption-based — the platform itself carries no flat licence fee. Costs accumulate across the underlying services consumed:
| Component | Pricing Model |
|---|---|
| Model inference (Azure OpenAI) | Per input/output token, varies by model |
| Model inference (third-party) | Per token, varies by model |
| Azure AI Search (for RAG) | Per search unit + storage |
| Foundry Agent Service (hosted) | Per agent-hour |
| Compute (for fine-tuning) | Per GPU-hour |
| Storage | Per GB per month |
The consumption model means costs scale with usage — low in development, higher in production. The main risk is token cost unpredictability for applications with variable usage patterns. Foundry's built-in token monitoring and budget alerts help manage this, but teams should model costs carefully before production launch.
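Modelling token costs before launch is simple arithmetic, and worth doing explicitly. The per-million-token prices below are illustrative placeholders — real prices vary by model, region and date — but the calculation itself is the one you need:

```python
# Illustrative per-1M-token prices in USD; check current pricing
# for your model and region before relying on these numbers.
PRICES = {"gpt-4o": {"input": 2.50, "output": 10.00}}

def monthly_cost(model: str, requests: int,
                 in_tokens: int, out_tokens: int) -> float:
    """Estimate monthly inference spend for a given traffic profile."""
    p = PRICES[model]
    per_request = (in_tokens * p["input"] + out_tokens * p["output"]) / 1_000_000
    return requests * per_request

# e.g. 100k requests/month, 1,500 prompt tokens, 400 completion tokens each
print(round(monthly_cost("gpt-4o", 100_000, 1_500, 400), 2))  # 775.0
```

Running this for your best- and worst-case traffic estimates gives the cost envelope that budget alerts should be set against.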
When Foundry Is — and Is Not — the Right Choice
Foundry is the right choice when:
- Your organisation is already on Azure or Microsoft 365
- You need enterprise compliance certifications out of the box
- You are building multi-agent or RAG-based applications
- You want continuous quality evaluation in production
- You need access to both OpenAI and Anthropic models in a governed environment
- You are in a regulated industry where responsible AI tooling is mandatory
Foundry may not be the right choice when:
- You are AWS-native and do not want to add an Azure dependency (consider Bedrock)
- You need a no-code interface for business users (consider Copilot Studio)
- You are prototyping quickly and do not yet need enterprise governance
- Your team lacks Azure expertise and the learning curve is prohibitive
Getting Started
The fastest path into Foundry for most teams:
1. Create a Foundry Hub in the Azure portal — this takes minutes and requires only an Azure subscription
2. Deploy a model — start with GPT-4o or Claude Sonnet for most use cases
3. Build a Prompt Flow — start with a simple RAG flow connecting to a document store
4. Add evaluation — run the built-in quality evaluators against a test dataset before going to production
5. Graduate to agents — once the core pipeline is solid, explore the Foundry Agent Service for autonomous workflows
Microsoft's documentation on learn.microsoft.com is comprehensive, and the Foundry quickstarts and samples provide structured hands-on paths for common use cases.
The Bottom Line
Microsoft Foundry is one of the most complete enterprise AI platforms currently available. Its combination of model breadth, agent capabilities, evaluation rigour, responsible AI tooling and Azure-native security makes it a compelling default choice for organisations building AI in an Azure environment.
It is not the simplest platform — Copilot Studio is faster to get started with for business users, and AWS Bedrock may be more natural for AWS-native teams. But for organisations that need to go deep — building production-grade AI applications with genuine governance, observability and safety — Foundry has more to offer than any comparable platform.
The organisations that invest in understanding it now will be building on a platform that Microsoft is clearly committed to, that is growing increasingly capable, and that is strategically central to the entire Microsoft cloud ecosystem.
Planning an AI platform evaluation or architecture for your organisation? Talk to Reinvently.