@TaoChenOSU were you working on something related to this?
I'm building a Foundry-hosted agent (Python, agent-framework + agent-framework-foundry-hosting, Responses protocol) that needs to call a Microsoft Fabric Data Agent API on behalf of the end user.
The Fabric Data Agent API requires user identity authentication as service principal / managed identity tokens are explicitly rejected with HTTP 401 per Microsoft's documentation:
"Use user identity authentication. Service principal authentication isn't supported for the Fabric data agent."
The hosted container has a working managed identity (token acquisition from the MSI endpoint succeeds), but every call to the Fabric endpoint returns 401.
The natural solution is OAuth On-Behalf-Of (OBO): exchange the calling user's Bearer token for a Fabric-scoped token inside the container. But that requires the user's token to reach the container.
After inspecting both the platform behaviour and the SDK source:
- The Foundry proxy terminates Authorization before it reaches the container. The POST /responses request arrives at the container with no Authorization, X-MS-Client-Principal, or X-MS-TOKEN-AAD-* headers. Confirmed both empirically (header inspection middleware on a live deployment) and in the _endpoint_handler.py source.
- ResponseContext.client_headers only captures x-client-*-prefixed headers.
Is there a supported or planned mechanism in the Foundry hosted agent platform to forward the calling user's identity to the container (either as a header, a token injected into the request context, or a platform-managed OBO flow)?
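The header check described in the post can be reproduced with a small pure-ASGI middleware. This is an added example, not code from the original post, the Foundry platform or agent-framework. It records header names only, so a bearer token never lands in logs. The `sink` callback, the stand-in handler and the sample header `x-client-request-id` are assumptions made for illustration.

```python
import asyncio

# Header names taken from the post; matching is case-insensitive.
IDENTITY_EXACT = ("authorization", "x-ms-client-principal")
IDENTITY_PREFIXES = ("x-ms-token-aad-",)
CLIENT_PREFIX = "x-client-"

def audit_headers(raw_headers):
    """Classify ASGI (name, value) byte pairs. Returns names only, never values."""
    report = {"identity": [], "client": [], "other": []}
    for name, _value in raw_headers:
        key = name.decode("latin-1").lower()
        if key in IDENTITY_EXACT or key.startswith(IDENTITY_PREFIXES):
            report["identity"].append(key)
        elif key.startswith(CLIENT_PREFIX):
            report["client"].append(key)
        else:
            report["other"].append(key)
    return report

class HeaderAuditMiddleware:
    """Record the audit for each HTTP request, then pass the request through."""

    def __init__(self, app, sink):
        self.app = app
        self.sink = sink  # hypothetical callback, e.g. logger.info

    async def __call__(self, scope, receive, send):
        if scope["type"] == "http":
            self.sink({"path": scope["path"], **audit_headers(scope["headers"])})
        await self.app(scope, receive, send)

def demo():
    """Run the middleware over a constructed request shaped like the one in the post."""
    seen = []

    async def app(scope, receive, send):  # stand-in for the agent's handler
        pass

    scope = {  # constructed sample, not captured traffic
        "type": "http",
        "path": "/responses",
        "headers": [(b"content-type", b"application/json"),
                    (b"x-client-request-id", b"constructed-value")],
    }
    asyncio.run(HeaderAuditMiddleware(app, seen.append)(scope, None, None))
    return seen[0]
```

An empty `identity` list for `/responses` corresponds to the situation the post reports: no user token reaches the container, so there is nothing to exchange in an OBO flow.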