diff --git a/frontend/src/components/Config/CreateTargetDialog.styles.ts b/frontend/src/components/Config/CreateTargetDialog.styles.ts
index 34f023786..67fdb2aa2 100644
--- a/frontend/src/components/Config/CreateTargetDialog.styles.ts
+++ b/frontend/src/components/Config/CreateTargetDialog.styles.ts
@@ -6,4 +6,12 @@ export const useCreateTargetDialogStyles = makeStyles({
     flexDirection: 'column',
     gap: tokens.spacingVerticalL,
   },
+  warningMessage: {
+    width: '100%',
+  },
+  warningMessageBody: {
+    whiteSpace: 'normal',
+    overflowWrap: 'anywhere',
+    wordBreak: 'break-word',
+  },
 })
diff --git a/frontend/src/components/Config/CreateTargetDialog.test.tsx b/frontend/src/components/Config/CreateTargetDialog.test.tsx
index b8a9dcfc0..cd096a192 100644
--- a/frontend/src/components/Config/CreateTargetDialog.test.tsx
+++ b/frontend/src/components/Config/CreateTargetDialog.test.tsx
@@ -497,4 +497,180 @@ describe("CreateTargetDialog", () => {
 
     expect(screen.queryByRole("dialog")).not.toBeInTheDocument();
   });
+
+  it("should hide the API Key field and omit api_key/include auth_mode when Entra is selected", async () => {
+    const onCreated = jest.fn();
+    const user = userEvent.setup();
+    mockedTargetsApi.createTarget.mockResolvedValue({
+      target_registry_name: "openai_chat_entra",
+      target_type: "OpenAIChatTarget",
+    });
+
+    render(
+      <TestWrapper>
+        <CreateTargetDialog {...defaultProps} onCreated={onCreated} />
+      </TestWrapper>
+    );
+
+    await selectTargetType(user, "OpenAIChatTarget");
+
+    const endpointInput = screen.getByPlaceholderText(
+      "https://your-resource.openai.azure.com/"
+    );
+    fireEvent.change(endpointInput, {
+      target: { value: "https://my-resource.openai.azure.com/" },
+    });
+
+    // check that API Key field is visible by default.
+    expect(
+      screen.getByPlaceholderText("API key (stored in memory only)")
+    ).toBeInTheDocument();
+
+    // Select Entra option.
+    await user.click(
+      screen.getByRole("radio", {
+        name: /Microsoft Entra Authentication/,
+      })
+    );
+
+    // check that API Key field is hidden when Entra mode is selected.
+    expect(
+      screen.queryByPlaceholderText("API key (stored in memory only)")
+    ).not.toBeInTheDocument();
+
+    await user.click(screen.getByText("Create Target"));
+
+    await waitFor(() => {
+      expect(mockedTargetsApi.createTarget).toHaveBeenCalledWith({
+        type: "OpenAIChatTarget",
+        params: {
+          endpoint: "https://my-resource.openai.azure.com/",
+        },
+        auth_mode: "entra",
+      });
+      expect(onCreated).toHaveBeenCalled();
+    });
+  });
+
+  it("should clear a previously-typed API key when switching to Entra", async () => {
+    const onCreated = jest.fn();
+    const user = userEvent.setup();
+    mockedTargetsApi.createTarget.mockResolvedValue({
+      target_registry_name: "openai_chat_entra",
+      target_type: "OpenAIChatTarget",
+    });
+
+    render(
+      <TestWrapper>
+        <CreateTargetDialog {...defaultProps} onCreated={onCreated} />
+      </TestWrapper>
+    );
+
+    await selectTargetType(user, "OpenAIChatTarget");
+
+    const endpointInput = screen.getByPlaceholderText(
+      "https://your-resource.openai.azure.com/"
+    );
+    fireEvent.change(endpointInput, {
+      target: { value: "https://my-resource.openai.azure.com/" },
+    });
+
+    // Type a key, then switch to Entra option.
+    fireEvent.change(
+      screen.getByPlaceholderText("API key (stored in memory only)"),
+      { target: { value: "sk-typed-before-switch" } }
+    );
+
+    await user.click(
+      screen.getByRole("radio", { name: /Microsoft Entra Authentication/ })
+    );
+
+    await user.click(screen.getByText("Create Target"));
+
+    await waitFor(() => {
+      const call = mockedTargetsApi.createTarget.mock.calls[0][0];
+      expect(call.auth_mode).toBe("entra");
+      expect(call.params).not.toHaveProperty("api_key");
+    });
+  });
+
+  it("should warn the user when Entra is selected for a non-Azure OpenAI endpoint", async () => {
+    const user = userEvent.setup();
+
+    render(
+      <TestWrapper>
+        <CreateTargetDialog {...defaultProps} />
+      </TestWrapper>
+    );
+
+    await selectTargetType(user, "OpenAIChatTarget");
+
+    const endpointInput = screen.getByPlaceholderText(
+      "https://your-resource.openai.azure.com/"
+    );
+    fireEvent.change(endpointInput, { target: { value: "https://api.openai.com/" } });
+
+    await user.click(
+      screen.getByRole("radio", { name: /Microsoft Entra Authentication/ })
+    );
+
+    expect(
+      screen.getByText(/Entra auth only works with Azure OpenAI/)
+    ).toBeInTheDocument();
+  });
+
+  it("should NOT warn when Entra is selected for a recognized Azure endpoint", async () => {
+    const user = userEvent.setup();
+
+    render(
+      <TestWrapper>
+        <CreateTargetDialog {...defaultProps} />
+      </TestWrapper>
+    );
+
+    await selectTargetType(user, "OpenAIChatTarget");
+
+    const endpointInput = screen.getByPlaceholderText(
+      "https://your-resource.openai.azure.com/"
+    );
+    fireEvent.change(endpointInput, {
+      target: { value: "https://my-resource.openai.azure.com/" },
+    });
+
+    await user.click(
+      screen.getByRole("radio", { name: /Microsoft Entra Authentication/ })
+    );
+
+    expect(
+      screen.queryByText(/Entra auth only works with Azure OpenAI/)
+    ).not.toBeInTheDocument();
+  });
+
+  it("should disable Create Target and skip API call for Entra + non-Azure OpenAI endpoint", async () => {
+    const user = userEvent.setup();
+
+    render(
+      <TestWrapper>
+        <CreateTargetDialog {...defaultProps} />
+      </TestWrapper>
+    );
+
+    await selectTargetType(user, "OpenAIChatTarget");
+
+    const endpointInput = screen.getByPlaceholderText(
+      "https://your-resource.openai.azure.com/"
+    );
+    fireEvent.change(endpointInput, { target: { value: "https://api.test.com/" } });
+
+    await user.click(
+      screen.getByRole("radio", { name: /Microsoft Entra Authentication/ })
+    );
+
+    const createButton = screen.getByText("Create Target").closest("button");
+    expect(createButton).toBeDisabled();
+
+    await user.click(screen.getByText("Create Target"));
+
+    expect(mockedTargetsApi.createTarget).not.toHaveBeenCalled();
+  });
 });
diff --git a/frontend/src/components/Config/CreateTargetDialog.tsx b/frontend/src/components/Config/CreateTargetDialog.tsx
index 4bce08f56..94f433c17 100644
--- a/frontend/src/components/Config/CreateTargetDialog.tsx
+++ b/frontend/src/components/Config/CreateTargetDialog.tsx
@@ -9,6 +9,8 @@ import {
   Button,
   Input,
   Label,
+  Radio,
+  RadioGroup,
   Select,
   Switch,
   Text,
@@ -32,6 +34,26 @@ const TARGET_TYPE_CONFIG: Record<string, 'openai' | 'azureml'> = {
 
 const SUPPORTED_TARGET_TYPES = Object.keys(TARGET_TYPE_CONFIG)
 
+type AuthMode = 'api_key' | 'entra'
+
+// Mirrors backend's hostname-suffix check (list in target_service.py).
+// The backend still does the check and will reject unsupported endpoints, but this allows us to show a warning in the UI if the user selects Microsoft Entra authentication with a non-Azure OpenAI endpoint.
+const AZURE_OPENAI_HOSTNAME_SUFFIXES = [
+  '.openai.azure.com',
+  '.ai.azure.com',
+  '.services.ai.azure.com',
+  '.cognitiveservices.azure.com',
+]
+
+function isAzureOpenAiEndpoint(endpoint: string): boolean {
+  try {
+    const host = new URL(endpoint).hostname.toLowerCase()
+    return AZURE_OPENAI_HOSTNAME_SUFFIXES.some((s) => host.endsWith(s))
+  } catch {
+    return false
+  }
+}
+
 interface CreateTargetDialogProps {
   open: boolean
   onClose: () => void
@@ -45,6 +67,7 @@ export default function CreateTargetDialog({ open, onClose, onCreated }: CreateT
   const [modelName, setModelName] = useState('')
   const [hasDifferentUnderlying, setHasDifferentUnderlying] = useState(false)
   const [underlyingModel, setUnderlyingModel] = useState('')
+  const [authMode, setAuthMode] = useState<AuthMode>('api_key')
   const [apiKey, setApiKey] = useState('')
   const [maxNewTokens, setMaxNewTokens] = useState('400')
   const [temperature, setTemperature] = useState('1.0')
@@ -54,7 +77,11 @@ export default function CreateTargetDialog({ open, onClose, onCreated }: CreateT
   const [error, setError] = useState<string | null>(null)
   const [fieldErrors, setFieldErrors] = useState<{ targetType?: string; endpoint?: string }>({})
 
-  const isAzureML = TARGET_TYPE_CONFIG[targetType] === 'azureml'
+  const targetKind = TARGET_TYPE_CONFIG[targetType]
+  const isAzureML = targetKind === 'azureml'
+  const isOpenAi = targetKind === 'openai'
+  const isEntra = authMode === 'entra'
+  const showNonAzureEntraWarning = isEntra && isOpenAi && endpoint !== '' && !isAzureOpenAiEndpoint(endpoint)
 
   const resetForm = () => {
     setTargetType('')
@@ -62,6 +89,7 @@ export default function CreateTargetDialog({ open, onClose, onCreated }: CreateT
     setModelName('')
     setHasDifferentUnderlying(false)
     setUnderlyingModel('')
+    setAuthMode('api_key')
     setApiKey('')
     setMaxNewTokens('400')
     setTemperature('1.0')
@@ -94,7 +122,7 @@ export default function CreateTargetDialog({ open, onClose, onCreated }: CreateT
         endpoint,
       }
       if (modelName) params.model_name = modelName
-      if (apiKey) params.api_key = apiKey
+      if (!isEntra && apiKey) params.api_key = apiKey
 
       if (hasDifferentUnderlying && underlyingModel) params.underlying_model = underlyingModel
 
@@ -112,6 +140,7 @@ export default function CreateTargetDialog({ open, onClose, onCreated }: CreateT
       await targetsApi.createTarget({
         type: targetType,
         params,
+        ...(isEntra ? { auth_mode: 'entra' as const } : {}),
       })
       resetForm()
       onCreated()
@@ -243,15 +272,40 @@ export default function CreateTargetDialog({ open, onClose, onCreated }: CreateT
                 </>
               )}
 
-              <Field label="API Key">
-                <Input
-                  type="password"
-                  placeholder="API key (stored in memory only)"
-                  value={apiKey}
-                  onChange={(_, data) => setApiKey(data.value)}
-                />
+              <Field label="Authentication">
+                <RadioGroup
+                  value={authMode}
+                  onChange={(_, data) => {
+                    const next = data.value as AuthMode
+                    setAuthMode(next)
+                    if (next === 'entra') setApiKey('')
+                  }}
+                >
+                  <Radio value="api_key" label="API Key" />
+                  <Radio value="entra" label="Microsoft Entra Authentication" />
+                </RadioGroup>
               </Field>
 
+              {showNonAzureEntraWarning && (
+                <MessageBar intent="warning" className={styles.warningMessage}>
+                  <MessageBarBody className={styles.warningMessageBody}>
+                    Error: Entra auth only works with Azure OpenAI / AI Foundry endpoints (for example,
+                    *.openai.azure.com or *.ai.azure.com).
+                  </MessageBarBody>
+                </MessageBar>
+              )}
+
+              {!isEntra && (
+                <Field label="API Key">
+                  <Input
+                    type="password"
+                    placeholder="API key (stored in memory only)"
+                    value={apiKey}
+                    onChange={(_, data) => setApiKey(data.value)}
+                  />
+                </Field>
+              )}
+
               <Label size="small" style={{ color: tokens.colorNeutralForeground3 }}>
                 Targets can also be auto-populated by adding an initializer (e.g. <code>airt</code>) to your{' '}
                 <code>~/.pyrit/.pyrit_conf</code> file, which reads endpoints from your <code>.env</code> and{' '}
@@ -266,7 +320,11 @@ export default function CreateTargetDialog({ open, onClose, onCreated }: CreateT
             <Button appearance="secondary" onClick={handleClose} disabled={submitting}>
               Cancel
             </Button>
-            <Button appearance="primary" onClick={handleSubmit} disabled={submitting || !targetType || !endpoint}>
+            <Button
+              appearance="primary"
+              onClick={handleSubmit}
+              disabled={submitting || !targetType || !endpoint || showNonAzureEntraWarning}
+            >
               {submitting ? 'Creating...' : 'Create Target'}
             </Button>
           </DialogActions>
diff --git a/frontend/src/types/index.ts b/frontend/src/types/index.ts
index 2f72d902c..6881f2e7d 100644
--- a/frontend/src/types/index.ts
+++ b/frontend/src/types/index.ts
@@ -85,6 +85,7 @@ export interface TargetListResponse {
 export interface CreateTargetRequest {
   type: string
   params: Record<string, unknown>
+  auth_mode?: 'api_key' | 'entra'
 }
 
 // --- Converters ---
diff --git a/pyrit/backend/models/targets.py b/pyrit/backend/models/targets.py
index e2eca8d91..925cc68ef 100644
--- a/pyrit/backend/models/targets.py
+++ b/pyrit/backend/models/targets.py
@@ -11,7 +11,7 @@
 This module defines the Instance models for runtime target management.
 """
 
-from typing import Any, Optional
+from typing import Any, Literal, Optional
 
 from pydantic import BaseModel, Field
 
@@ -80,3 +80,11 @@ class CreateTargetRequest(BaseModel):
 
     type: str = Field(..., description="Target type (e.g., 'OpenAIChatTarget')")
     params: dict[str, Any] = Field(default_factory=dict, description="Target constructor parameters")
+    auth_mode: Literal["api_key", "entra"] = Field(
+        "api_key",
+        description=(
+            "Authentication mode. 'api_key' uses the api_key in params (default)"
+            "'entra' uses Microsoft Entra ID; requires an Azure endpoint and is "
+            "supported by OpenAI-family targets and AzureMLChatTarget."
+        ),
+    )
diff --git a/pyrit/backend/services/target_service.py b/pyrit/backend/services/target_service.py
index af058dc2d..e8eb29724 100644
--- a/pyrit/backend/services/target_service.py
+++ b/pyrit/backend/services/target_service.py
@@ -12,10 +12,13 @@
 - Retrieved from registry (pre-registered at startup or created earlier)
 """
 
+import logging
 from functools import lru_cache
 from typing import Any
+from urllib.parse import urlparse
 
 from pyrit import prompt_target
+from pyrit.auth import get_azure_async_token_provider, get_azure_openai_auth
 from pyrit.backend.mappers.target_mappers import target_object_to_instance
 from pyrit.backend.models.common import PaginationInfo
 from pyrit.backend.models.targets import (
@@ -24,8 +27,41 @@
     TargetListResponse,
 )
 from pyrit.prompt_target import PromptTarget
+from pyrit.prompt_target.azure_ml_chat_target import AzureMLChatTarget
+from pyrit.prompt_target.openai.openai_target import OpenAITarget
 from pyrit.registry.object_registries import TargetRegistry
 
+logger = logging.getLogger(__name__)
+
+# Scope for Azure Machine Learning managed online endpoints.
+_AZURE_ML_SCOPE = "https://ml.azure.com/.default"
+
+# Recognised Azure OpenAI / AI Foundry hostname suffixes. Used for strict
+# endpoint validation when Entra ID auth is requested, so a bearer token is
+# only ever issued for a known Microsoft-operated endpoint.
+_AZURE_OPENAI_HOSTNAME_SUFFIXES = (
+    ".openai.azure.com",
+    ".ai.azure.com",
+    ".services.ai.azure.com",
+    ".cognitiveservices.azure.com",
+)
+
+
+def _is_azure_openai_endpoint(endpoint: str) -> bool:
+    """
+    Return True if ``endpoint`` resolves to a known Azure OpenAI / AI Foundry host.
+    Uses a strict hostname-suffix check (not a substring search).
+
+    Args:
+        endpoint (str): The endpoint URL to validate.
+
+    Returns:
+        bool: True if the endpoint's hostname ends with a recognised Azure suffix;
+            False otherwise
+    """
+    hostname = (urlparse(endpoint).hostname or "").lower()
+    return any(hostname.endswith(suffix) for suffix in _AZURE_OPENAI_HOSTNAME_SUFFIXES)
+
 
 def _build_target_class_registry() -> dict[str, type]:
     """
@@ -166,23 +202,75 @@ async def create_target_async(self, *, request: CreateTargetRequest) -> TargetIn
         then registers it in the registry under its registry name.
 
         Args:
-            request: The create target request with type and params.
+            request: The create target request with type, params, and auth_mode.
 
         Returns:
             TargetInstance with the new target's details.
 
         Raises:
-            ValueError: If the target type is not found.
+            ValueError: If the target type is not found, if Entra ID is requested
+                for an unsupported target type, or if Entra ID is requested for an
+                OpenAI target against a non-Azure endpoint.
         """
-        # Instantiate from request params and register (uses unique_name as key by default)
         target_class = self._get_target_class(target_type=request.type)
-        target_obj = target_class(**request.params)
+
+        # Copy params so we can modify values (eg api_key) without changing request.params.
+        params: dict[str, Any] = dict(request.params)
+
+        if request.auth_mode == "entra":
+            params = self._apply_entra_auth(target_class=target_class, target_type=request.type, params=params)
+
+        target_obj = target_class(**params)
         self._registry.register_instance(target_obj)
 
-        # Build response from the registered instance
         target_registry_name = target_obj.get_identifier().unique_name
         return self._build_instance_from_object(target_registry_name=target_registry_name, target_obj=target_obj)
 
+    @staticmethod
+    def _apply_entra_auth(*, target_class: type, target_type: str, params: dict[str, Any]) -> dict[str, Any]:
+        """
+        Replace ``api_key`` in ``params`` with an Entra ID token provider for
+        the given target class.
+
+        Args:
+            target_class (type): The target class being instantiated
+            target_type (str): The user-facing target type name
+            params (dict[str, Any]): The target constructor parameters from the request
+
+        Returns:
+            dict[str, Any]: A new params dict with ``api_key`` replaced by an async
+            token-provider callable suitable for the target class.
+
+        Raises:
+            ValueError: If the target type does not support Entra ID, or if an
+                OpenAI target is given a non-Azure endpoint.
+        """
+        new_params = dict(params)
+        if "api_key" in new_params:
+            logger.debug("Discarding 'api_key' from params because auth_mode='entra'.")
+            new_params.pop("api_key", None)
+
+        if issubclass(target_class, OpenAITarget):
+            endpoint = new_params.get("endpoint")
+            if not isinstance(endpoint, str) or not endpoint:
+                raise ValueError("Entra ID authentication requires an 'endpoint' in params.")
+            if not _is_azure_openai_endpoint(endpoint):
+                raise ValueError(
+                    "Entra ID authentication requires an Azure endpoint "
+                    f"(*.openai.azure.com or *.ai.azure.com). Got: {endpoint}"
+                )
+            new_params["api_key"] = get_azure_openai_auth(endpoint)
+            return new_params
+
+        if issubclass(target_class, AzureMLChatTarget):
+            new_params["api_key"] = get_azure_async_token_provider(_AZURE_ML_SCOPE)
+            return new_params
+
+        raise ValueError(
+            f"Target type '{target_type}' does not support Entra ID authentication. "
+            "Supported types are OpenAI-family targets and AzureMLChatTarget."
+        )
+
 
 @lru_cache(maxsize=1)
 def get_target_service() -> TargetService:
diff --git a/pyrit/prompt_target/azure_ml_chat_target.py b/pyrit/prompt_target/azure_ml_chat_target.py
index f262130ad..04256b58c 100644
--- a/pyrit/prompt_target/azure_ml_chat_target.py
+++ b/pyrit/prompt_target/azure_ml_chat_target.py
@@ -3,10 +3,12 @@
 
 import logging
 import warnings
-from typing import Any
+from collections.abc import Awaitable, Callable
+from typing import Any, cast
 
 from httpx import HTTPStatusError
 
+from pyrit.auth import ensure_async_token_provider
 from pyrit.common import default_values, net_utility
 from pyrit.exceptions import (
     EmptyResponseException,
@@ -61,7 +63,7 @@ def __init__(
         self,
         *,
         endpoint: str | None = None,
-        api_key: str | None = None,
+        api_key: str | Callable[[], str | Awaitable[str]] | None = None,
         model_name: str = "",
         message_normalizer: MessageListNormalizer[Any] | None = None,
         max_new_tokens: int = 400,
@@ -78,8 +80,12 @@ def __init__(
         Args:
             endpoint (str | None): The endpoint URL for the deployed Azure ML model.
                 Defaults to the value of the AZURE_ML_MANAGED_ENDPOINT environment variable.
-            api_key (str | None): The API key for accessing the Azure ML endpoint.
-                Defaults to the value of the `AZURE_ML_KEY` environment variable.
+            api_key (str | Callable[[], str | Awaitable[str]] | None): The API key for accessing
+                the Azure ML endpoint, or a callable that returns a bearer token (sync or async).
+                Pass a token provider (e.g. ``get_azure_async_token_provider("https://ml.azure.com/.default")``)
+                to authenticate with Microsoft Entra ID against an AML managed online endpoint.
+                Synchronous providers are automatically wrapped via ``ensure_async_token_provider``.
+                Defaults to the value of the ``AZURE_ML_KEY`` environment variable.
             model_name (str): The name of the model being used (e.g., "Llama-3.2-3B-Instruct").
                 Used for identification purposes. Defaults to empty string.
             message_normalizer (MessageListNormalizer[Any] | None): **Deprecated.** Use
@@ -181,7 +187,11 @@ def _build_identifier(self) -> ComponentIdentifier:
             },
         )
 
-    def _initialize_vars(self, endpoint: str | None = None, api_key: str | None = None) -> None:
+    def _initialize_vars(
+        self,
+        endpoint: str | None = None,
+        api_key: str | Callable[[], str | Awaitable[str]] | None = None,
+    ) -> None:
         """
         Set the endpoint and key for accessing the Azure ML model. Use this function to manually
         pass in your own endpoint uri and api key. Defaults to the values in the .env file for the variables
@@ -190,13 +200,30 @@ def _initialize_vars(self, endpoint: str | None = None, api_key: str | None = No
         in the .env file and call _set_env_configuration_vars rather than passing the uri and key directly to
         this function or the target constructor.
 
+        If ``api_key`` is a callable, it is treated as an Entra ID token provider.
+        The callable is stored on ``self._api_key_provider`` and resolved per-request
+        inside ``_get_headers_async``. Synchronous providers are wrapped via
+        ``ensure_async_token_provider``.
+
         Args:
-            endpoint (str, optional): The endpoint uri for the deployed Azure ML model.
-            api_key (str, optional): The API key for accessing the Azure ML endpoint.
+            endpoint (str | None): The endpoint uri for the deployed Azure ML model.
+            api_key (str | Callable[[], str | Awaitable[str]] | None):
+                The API key for accessing the Azure ML endpoint, or a callable
+                which returns a bearer token, or None to fall back to the
+                ``AZURE_ML_KEY`` env variable.
         """
         self._endpoint = default_values.get_required_value(
             env_var_name=self.endpoint_uri_environment_variable, passed_value=endpoint
         )
+
+        if callable(api_key):
+            normalized = ensure_async_token_provider(api_key)
+            provider = cast("Callable[[], Awaitable[str]]", normalized)
+            self._api_key_provider: Callable[[], Awaitable[str]] | None = provider
+            self._api_key = ""
+            return
+
+        self._api_key_provider = None
         self._api_key = default_values.get_required_value(
             env_var_name=self.api_key_environment_variable, passed_value=api_key
         )
@@ -265,7 +292,7 @@ async def _complete_chat_async(
         Returns:
             str: The generated response message.
         """
-        headers = self._get_headers()
+        headers = await self._get_headers_async()
         payload = await self._construct_http_body_async(messages)
 
         response = await net_utility.make_request_and_raise_if_error_async(
@@ -316,17 +343,45 @@ async def _construct_http_body_async(
 
     def _get_headers(self) -> dict[str, str]:
         """
-        Headers for accessing inference endpoint deployed in AML.
+        Headers for accessing inference endpoint deployed in AML using a static API key.
+
+        Only valid when this target was configured with a string ``api_key``.
+        When an Entra ID token provider supplied, callers must use ``_get_headers_async``
+        instead, because the token must be fetched asynchronously and refreshed on each request.
 
         Returns:
             headers(dict): contains bearer token as AML key and content-type: JSON
+
+        Raises:
+            ValueError: If this target was configured with a token-provider callable.
         """
-        headers: dict[str, str] = {
+        if self._api_key_provider is not None:
+            raise ValueError(
+                "AzureMLChatTarget was configured with an Entra ID token provider. "
+                "Use _get_headers_async() instead of _get_headers()."
+            )
+        return {
             "Content-Type": "application/json",
             "Authorization": ("Bearer " + self._api_key),
         }
 
-        return headers
+    async def _get_headers_async(self) -> dict[str, str]:
+        """
+        Headers for accessing the AML inference endpoint, resolving the bearer token from the
+        configured Entra ID token provider when one is set.
+
+        Returns:
+            headers(dict): contains bearer token (static key or freshly-acquired Entra token) and
+            content-type: JSON.
+        """
+        if self._api_key_provider is None:
+            return self._get_headers()
+
+        token = await self._api_key_provider()
+        return {
+            "Content-Type": "application/json",
+            "Authorization": "Bearer " + token,
+        }
 
     def _validate_request(self, *, normalized_conversation: list[Message]) -> None:
         pass
diff --git a/tests/unit/backend/test_target_service.py b/tests/unit/backend/test_target_service.py
index dcbe8b8b4..5aed32977 100644
--- a/tests/unit/backend/test_target_service.py
+++ b/tests/unit/backend/test_target_service.py
@@ -42,6 +42,11 @@ def _mock_target_identifier(*, class_name: str = "MockTarget", **kwargs) -> Comp
     )
 
 
+async def _test_token_provider() -> str:
+    """Shared async token provider used in Entra authentication tests."""
+    return "test-token"
+
+
 class TestListTargets:
     """Tests for TargetService.list_targets method."""
 
@@ -306,6 +311,165 @@ async def test_create_target_with_different_underlying_model(self, sqlite_instan
         assert result.underlying_model_name == "gpt-4o"
 
 
+class TestCreateTargetEntraAuth:
+    """Test that creating targets with Entra auth mode properly authenticates and handles edge cases."""
+
+    async def test_create_openai_target_with_entra_injects_token_provider(self, sqlite_instance) -> None:
+        """Entra auth path: api_key is replaced with the authentication callable"""
+
+        with patch(
+            "pyrit.backend.services.target_service.get_azure_openai_auth",
+            return_value=_test_token_provider,
+        ) as mock_get_auth:
+            service = TargetService()
+
+            request = CreateTargetRequest(
+                type="OpenAIChatTarget",
+                params={
+                    "endpoint": "https://test.openai.azure.com/",
+                    "model_name": "gpt-4o",
+                },
+                auth_mode="entra",
+            )
+
+            result = await service.create_target_async(request=request)
+
+            mock_get_auth.assert_called_once_with("https://test.openai.azure.com/")
+            target_obj = service.get_target_object(target_registry_name=result.target_registry_name)
+            assert target_obj is not None
+            # OpenAI target preserves async callables verbatim through ensure_async_token_provider.
+            assert target_obj._api_key is _test_token_provider  # type: ignore[attr-defined]
+
+    async def test_create_openai_target_with_entra_drops_user_api_key(self, sqlite_instance) -> None:
+        """Any api_key supplied alongside auth_mode='entra' must be discarded."""
+
+        with patch(
+            "pyrit.backend.services.target_service.get_azure_openai_auth",
+            return_value=_test_token_provider,
+        ):
+            service = TargetService()
+
+            request = CreateTargetRequest(
+                type="OpenAIChatTarget",
+                params={
+                    "endpoint": "https://test.openai.azure.com/",
+                    "model_name": "gpt-4o",
+                    "api_key": "should-be-ignored",
+                },
+                auth_mode="entra",
+            )
+
+            result = await service.create_target_async(request=request)
+
+            target_obj = service.get_target_object(target_registry_name=result.target_registry_name)
+            assert target_obj is not None
+            assert target_obj._api_key is _test_token_provider  # type: ignore[attr-defined]
+            # The literal "should-be-ignored" string must never appear.
+            assert target_obj._api_key != "should-be-ignored"  # type: ignore[attr-defined]
+
+    async def test_create_openai_target_with_entra_does_not_mutate_request_params(self, sqlite_instance) -> None:
+        """The CreateTargetRequest.params object must remain unchanged after creation."""
+
+        with patch(
+            "pyrit.backend.services.target_service.get_azure_openai_auth",
+            return_value=_test_token_provider,
+        ):
+            service = TargetService()
+
+            original_params = {
+                "endpoint": "https://test.openai.azure.com/",
+                "model_name": "gpt-4o",
+                "api_key": "original-key",
+            }
+            request = CreateTargetRequest(
+                type="OpenAIChatTarget",
+                params=dict(original_params),
+                auth_mode="entra",
+            )
+
+            await service.create_target_async(request=request)
+
+            # The caller's request.params must be unchanged after the call.
+            assert request.params == original_params
+
+    async def test_create_openai_target_with_entra_non_azure_endpoint_raises(self, sqlite_instance) -> None:
+        """Entra ID requires a known Azure OpenAI / AI Foundry hostname suffix."""
+        service = TargetService()
+
+        request = CreateTargetRequest(
+            type="OpenAIChatTarget",
+            params={"endpoint": "https://api.openai.com/"},
+            auth_mode="entra",
+        )
+
+        with pytest.raises(ValueError, match="Azure endpoint"):
+            await service.create_target_async(request=request)
+
+    async def test_create_openai_target_with_entra_substring_lookalike_endpoint_raises(self, sqlite_instance) -> None:
+        """Substring 'azure' in the hostname must not be enough to pass Entra validation."""
+        service = TargetService()
+
+        request = CreateTargetRequest(
+            type="OpenAIChatTarget",
+            # Hostname contains 'azure' but does NOT end with an approved suffix.
+            params={"endpoint": "https://evil-azure.example.com/"},
+            auth_mode="entra",
+        )
+
+        with pytest.raises(ValueError, match="Azure endpoint"):
+            await service.create_target_async(request=request)
+
+    async def test_create_openai_target_with_entra_missing_endpoint_raises(self, sqlite_instance) -> None:
+        """Entra ID for OpenAI must reject a missing endpoint with a clear error."""
+        service = TargetService()
+
+        request = CreateTargetRequest(
+            type="OpenAIChatTarget",
+            params={},
+            auth_mode="entra",
+        )
+
+        with pytest.raises(ValueError, match="endpoint"):
+            await service.create_target_async(request=request)
+
+    async def test_create_azureml_target_with_entra_injects_token_provider(self, sqlite_instance) -> None:
+        """AzureML Entra path: api_key is replaced with the ML scope token provider."""
+
+        with patch(
+            "pyrit.backend.services.target_service.get_azure_async_token_provider",
+            return_value=_test_token_provider,
+        ) as mock_get_provider:
+            service = TargetService()
+
+            request = CreateTargetRequest(
+                type="AzureMLChatTarget",
+                params={"endpoint": "https://my-aml.region.inference.ml.azure.com/score"},
+                auth_mode="entra",
+            )
+
+            result = await service.create_target_async(request=request)
+
+            mock_get_provider.assert_called_once_with("https://ml.azure.com/.default")
+            target_obj = service.get_target_object(target_registry_name=result.target_registry_name)
+            assert target_obj is not None
+            # AzureMLChatTarget stores the provider on _api_key_provider; static _api_key is cleared.
+            assert target_obj._api_key_provider is _test_token_provider  # type: ignore[attr-defined]
+            assert target_obj._api_key == ""  # type: ignore[attr-defined]
+
+    async def test_create_target_entra_unsupported_type_raises(self, sqlite_instance) -> None:
+        """Entra ID is only supported for OpenAI-family and AzureMLChatTarget."""
+        service = TargetService()
+
+        request = CreateTargetRequest(
+            type="TextTarget",
+            params={},
+            auth_mode="entra",
+        )
+
+        with pytest.raises(ValueError, match="does not support Entra"):
+            await service.create_target_async(request=request)
+
+
 class TestTargetServiceSingleton:
     """Tests for get_target_service singleton function."""
 
diff --git a/tests/unit/prompt_target/target/test_azure_ml_chat_target.py b/tests/unit/prompt_target/target/test_azure_ml_chat_target.py
index e9517d3ec..8ae23b274 100644
--- a/tests/unit/prompt_target/target/test_azure_ml_chat_target.py
+++ b/tests/unit/prompt_target/target/test_azure_ml_chat_target.py
@@ -236,3 +236,129 @@ def test_valid_temperature_and_top_p(patch_central_database):
     )
     assert target._temperature == 1.5
     assert target._top_p == 0.9
+
+
+def test_initialization_with_async_token_provider_stores_provider(patch_central_database):
+    """A callable api_key is stored as the token provider and _api_key is cleared."""
+
+    async def async_provider() -> str:
+        return "entra-token"
+
+    target = AzureMLChatTarget(
+        endpoint="http://aml-test-endpoint.com",
+        api_key=async_provider,
+    )
+
+    assert target._api_key_provider is async_provider
+    assert target._api_key == ""
+
+
+def test_initialization_with_sync_token_provider_is_wrapped(patch_central_database):
+    """A sync token provider is wrapped so it can be awaited in the async send path."""
+
+    def sync_provider() -> str:
+        return "entra-token"
+
+    target = AzureMLChatTarget(
+        endpoint="http://aml-test-endpoint.com",
+        api_key=sync_provider,
+    )
+
+    # ensure_async_token_provider wraps it, so it's not the same callable but is still callable.
+    assert target._api_key_provider is not None
+    assert target._api_key_provider is not sync_provider
+    assert callable(target._api_key_provider)
+    assert target._api_key == ""
+
+
+def test_initialization_with_callable_ignores_env_var(patch_central_database):
+    """When a callable api_key is provided, AZURE_ML_KEY must not leak through."""
+
+    async def async_provider() -> str:
+        return "entra-token"
+
+    with patch.dict(os.environ, {AzureMLChatTarget.api_key_environment_variable: "env-key"}):
+        target = AzureMLChatTarget(
+            endpoint="http://aml-test-endpoint.com",
+            api_key=async_provider,
+        )
+
+    assert target._api_key_provider is async_provider
+    assert target._api_key == ""
+
+
+def test_get_headers_raises_when_token_provider_configured(patch_central_database):
+    """Sync _get_headers must refuse to operate when an Entra provider is configured."""
+
+    async def async_provider() -> str:
+        return "entra-token"
+
+    target = AzureMLChatTarget(
+        endpoint="http://aml-test-endpoint.com",
+        api_key=async_provider,
+    )
+
+    with pytest.raises(ValueError, match="token provider"):
+        target._get_headers()
+
+
+async def test_get_headers_async_resolves_token_from_provider(patch_central_database):
+    """_get_headers_async awaits the configured provider and builds a Bearer header."""
+
+    async def async_provider() -> str:
+        return "fresh-entra-token"
+
+    target = AzureMLChatTarget(
+        endpoint="http://aml-test-endpoint.com",
+        api_key=async_provider,
+    )
+
+    headers = await target._get_headers_async()
+
+    assert headers == {
+        "Content-Type": "application/json",
+        "Authorization": "Bearer fresh-entra-token",
+    }
+
+
+async def test_get_headers_async_falls_back_to_static_key(patch_central_database):
+    """With a static api_key, _get_headers_async returns the same headers as _get_headers."""
+    target = AzureMLChatTarget(
+        endpoint="http://aml-test-endpoint.com",
+        api_key="static-key",
+    )
+
+    headers = await target._get_headers_async()
+
+    assert headers == {
+        "Content-Type": "application/json",
+        "Authorization": "Bearer static-key",
+    }
+
+
+async def test_complete_chat_async_uses_token_provider_per_request(patch_central_database):
+    """Each send re-acquires the token from the provider (auto-refresh)."""
+    token_provider = AsyncMock(side_effect=["token-1", "token-2"])
+
+    target = AzureMLChatTarget(
+        endpoint="http://aml-test-endpoint.com",
+        api_key=token_provider,
+    )
+
+    messages = [
+        Message(message_pieces=[MessagePiece(role="user", conversation_id="abc", original_value="hi")]),
+    ]
+
+    with patch("pyrit.common.net_utility.make_request_and_raise_if_error_async", new_callable=AsyncMock) as mock:
+        mock_response = MagicMock()
+        mock_response.json.return_value = {"output": "ok"}
+        mock.return_value = mock_response
+
+        await target._complete_chat_async(messages)
+        await target._complete_chat_async(messages)
+
+        assert token_provider.await_count == 2
+        headers_first = mock.call_args_list[0].kwargs["headers"]
+        headers_second = mock.call_args_list[1].kwargs["headers"]
+        assert headers_first["Authorization"] == "Bearer token-1"
+        assert headers_second["Authorization"] == "Bearer token-2"