Cannot upload files in New Foundry

2026-06-29T13:57:01.2366667+00:00

I am not able to upload files in New Foundry portal. It says to me that I must have the Foundry User role in the project, which I have. If I give the Foundry User role in the root resource, it works.

Microsoft Foundry
Microsoft Foundry

A unified Azure platform for creating and managing AI models, agents, and applications with built‑in enterprise security, monitoring, and governance


2 answers

Sort by: Most helpful
  1. Marcus Vinicius Cursino Suares 40 Reputation points
    2026-06-30T12:08:20.9+00:00

    I am trying to upload a file when I am building a agent, it is trying to create a vector store. My setup is the Basic Agent setup, I don't have a storage attached. Assigning the role at the root resource is not acceptable for me. The error is the following: "You don't have permission to upload files in this project. Please ask your administrator to assign the Foundry User role."

    Was this answer helpful?

    0 comments No comments

  2. Jubin Soni 0 Reputation points
    2026-06-29T18:27:09.53+00:00

    Hi @Marcus Vinicius Cursino Suares , just to add to the above, what you're describing does look like a portal bug rather than a misconfiguration. The Foundry User role assigned at the project scope should be sufficient for file uploads within that project; needing to assign it at the root Foundry resource level to make uploads work suggests the portal's permission check is evaluating against the wrong scope for this specific operation.

    A few practical things worth confirming to help narrow it down:

    • Check which type of upload is failing, Agent file search, playground uploads, and vector store uploads each call different backend APIs and may have different permission check paths. Knowing which one helps determine if this is isolated to one workflow or the entire upload surface.

    Also check if the connected storage account has its own access control requirements. In new Foundry projects, file uploads often go through an Azure Storage account linked to the project, and the Foundry User role at project scope may not automatically grant the necessary Storage Blob Data Contributor role on that storage account. This is a common gap that isn't always obvious from the portal error message.

    If assigning at the root resource is not acceptable for your security model, the narrowest workaround is to additionally assign Storage Blob Data Contributor on the project's linked storage account directly to the affected user, rather than elevating at the Foundry resource level. This may restore upload functionality without broadening access beyond the project boundary.

    Please upvote and accept the answer if it helps!

    Was this answer helpful?

    0 comments No comments

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.