AI and Machine LearningDocument Intelligenceverified
Read model
The Read model is the Azure AI Document Intelligence model you use when the first job is simply to turn document images into usable text. It reads printed text, handwriting, lines, words, and positions, then returns structured results that an application can store, search, review, or pass to another model. It is useful when the document type is varied or when you need OCR before classification, extraction, translation, summarization, or human review. Think of it as the text-capture layer for document automation.
Document Intelligence Read model, prebuilt-read, Read OCR, OCR read model, Azure AI Read model
Difficulty
fundamentals
CLI mappings
5
Last verified
2026-05-21
Microsoft Learn
In Azure AI Document Intelligence, the Read model is the prebuilt OCR model that extracts printed and handwritten text, words, lines, bounding locations, and languages from documents and images. It is also the text foundation used by layout, prebuilt, and custom document models.
In Azure architecture, the Read model sits in the AI data plane of an Azure AI Document Intelligence resource. Applications call the prebuilt-read model through REST APIs, SDKs, or Document Intelligence Studio, usually after files are stored in Blob Storage or received through an upload workflow. Its output can feed Azure AI Search, Functions, Logic Apps, durable workflows, databases, queues, or human review systems. Identity, private endpoints, network rules, diagnostic settings, and key management determine how safely the OCR service is reached and monitored.
Why it matters
The Read model matters because most document workflows fail before business logic starts if text capture is inaccurate or inconsistent. Invoices, forms, IDs, shipping documents, inspection reports, and contracts often arrive as scans, photos, or mixed-quality PDFs. A reliable OCR foundation lets teams search documents, extract fields, route exceptions, build RAG indexes, translate content, or compare results across versions. It also reduces manual rekeying and improves auditability because extracted words and locations can be reviewed. For architects, the Read model separates document ingestion from later classification or extraction decisions, making pipelines easier to scale, test, and secure It also gives reviewers concrete page evidence instead of vague automation claims.
⌁
Where you see it
Signals, screens, and Azure surfaces where this term usually becomes operational.
Signal 01
Document Intelligence Studio shows the Read model when users test OCR extraction, inspect detected lines and words, and compare output against scanned pages before automating workloads.
Signal 02
Application logs show operation IDs, model identifiers, file names, status transitions, and failure reasons when Functions or services call prebuilt-read through REST APIs or SDKs.
Signal 03
Azure AI Search indexes, storage records, or review queues reveal Read model output as extracted text, word locations, searchable PDFs, and document-processing metadata during support triage.
✦
When this becomes relevant
Specific situations where this term helps solve real Azure design, operations, migration, security, reliability, cost, or governance problems.
Extract text from scanned PDFs before routing invoices, contracts, inspection reports, or shipping documents to specialized extraction models.
Create searchable archives by storing OCR text and page locations alongside original documents in Blob Storage or Azure AI Search.
Feed RAG or summarization pipelines with document text while preserving source references, page numbers, and reviewable extraction evidence.
Automate intake for mixed document types when classification or custom extraction cannot start until raw text is available.
Reduce manual transcription in back-office workflows while keeping failed or low-confidence documents available for human review.
◆
Real-world case studies
Different enterprise-style examples that show the term being used to hit measurable objectives.
Scenario, objectives, solution, measured impact, and takeaway.
📌Scenario
HarborLane Logistics processed thousands of bills of lading and customs forms from carriers, many arriving as skewed phone photos. Manual rekeying delayed exception handling and created disputes with shippers.
🎯Business/Technical Objectives
Reduce manual transcription time for freight documents by at least 60 percent.
Preserve searchable text and page references for dispute investigations.
Keep carrier-uploaded files inside a private Azure network path.
Route unreadable documents to a review queue within one business hour.
✅Solution Using Read model
The platform team stored uploaded documents in a private Blob Storage account and used Event Grid to trigger an Azure Function. The Function submitted each file to the Document Intelligence Read model, stored extracted lines, word locations, and operation IDs in Azure SQL Database, and sent low-confidence or failed documents to a Service Bus review queue. Private endpoints connected storage, the Function app, and the Document Intelligence resource. Application Insights tracked operation duration, retry count, and failed file type. The team also indexed extracted text in Azure AI Search so operations staff could search by container number, carrier, or port code.
📈Results & Business Impact
Average transcription time dropped from 18 minutes per packet to six minutes.
Dispute investigators found source text 72 percent faster using indexed OCR output.
Unreadable document routing improved from next-day discovery to under 40 minutes.
Private endpoint enforcement removed public document-processing traffic from the workflow.
💡Key Takeaway for Glossary Readers
The Read model is most valuable when OCR output becomes a traceable, searchable foundation for the rest of the workflow.
Case study 02
University library makes research scans searchable
Scenario, objectives, solution, measured impact, and takeaway.
📌Scenario
Northbridge University Library held decades of scanned grant files and handwritten field notes. Researchers could browse folders, but they could not search text across collections.
🎯Business/Technical Objectives
Create searchable text for 1.8 million scanned pages.
Retain original files and OCR outputs for records-management review.
Separate public research search from restricted donor and personnel files.
Process nightly batches without overwhelming downstream indexing.
✅Solution Using Read model
The library modernization team grouped documents by collection and placed each batch in Blob Storage with metadata for department, sensitivity, and retention. An Azure Durable Functions workflow submitted pages to the Read model, recorded operation status, and wrote extracted text plus page coordinates to a curated storage container. Azure AI Search indexed only approved collections, while restricted results stayed in a separate index with Microsoft Entra group access. Queue-based throttling limited concurrent OCR calls, and a dashboard showed pages processed, failures, average analysis time, and search-index lag.
📈Results & Business Impact
The first 420,000 pages became searchable in six weeks instead of the planned five months.
Restricted collection leakage was avoided by separating indexes and access groups.
Scenario, objectives, solution, measured impact, and takeaway.
📌Scenario
A city permitting office received construction applications in English and Spanish, including scanned drawings, handwritten notes, and contractor attachments. Staff could not triage urgent safety permits quickly.
🎯Business/Technical Objectives
Extract readable text from mixed-language permit packets at intake.
Prioritize applications mentioning safety hazards or occupancy changes.
Provide reviewers with page-level evidence instead of raw file hunting.
Keep citizen documents aligned with municipal retention requirements.
✅Solution Using Read model
The city deployed a document-intake workflow where uploaded packets landed in Blob Storage and were processed by an Azure Function. The Function called the Read model, captured detected language, line text, and page coordinates, then stored results in Cosmos DB with a pointer to the original blob. A rules service flagged hazard terms and routed urgent applications into a Teams-connected review queue. Azure Policy enforced private networking and diagnostic settings on the storage, Function, and AI resources, while lifecycle rules retained original and extracted content according to permit category.
📈Results & Business Impact
Urgent permit triage time dropped from two business days to under four hours.
Reviewers opened the correct page evidence 64 percent faster during intake checks.
The office avoided duplicate OCR charges by hashing files before analysis.
Retention policy alignment passed the city records audit with no corrective findings.
💡Key Takeaway for Glossary Readers
The Read model gives document-heavy public workflows a practical way to find meaning before full business review begins.
Why use Azure CLI for this?
As an Azure engineer with ten years of production document workloads, I do not use Azure CLI to run the Read model itself as my main path; REST, SDKs, and Studio are better for analysis calls. I do use CLI to prove the surrounding resource state. It lets me inventory Document Intelligence resources, confirm endpoint and key settings, inspect private endpoints, validate diagnostic settings, check managed identity permissions, and export evidence before a batch launch. Portal clicks help during demos, but CLI is faster for repeatable environment checks, incident triage, and drift detection across subscriptions That matters most when many environments share similar names.
CLI use cases
List Azure AI services resources that host Document Intelligence capabilities in a subscription or resource group.
Inspect endpoint, region, SKU, identity, network restrictions, and tags before wiring an OCR pipeline.
Regenerate or retrieve keys only through approved break-glass procedures when key-based access is still used.
Validate private endpoint connections and DNS assumptions before moving document intake behind a private boundary.
Export diagnostic settings and role assignments for audit evidence before processing regulated documents.
Before you run CLI
Confirm the tenant, subscription, resource group, Document Intelligence resource name, region, and whether the workload uses keys, Microsoft Entra auth, or managed identity.
Check provider registration for Microsoft.CognitiveServices and avoid mutating network or key settings during active document batches unless a rollback path exists.
Use JSON output for evidence exports, especially when validating private endpoints, role assignments, diagnostic settings, and key rotation history.
Verify storage account, queue, Function, and search resources separately because the Read model is only one stage in the pipeline.
Confirm whether documents contain regulated data before exposing logs, command output, or generated artifacts to support teams.
What output tells you
Resource name, location, and SKU confirm whether the expected Document Intelligence-capable Azure AI service is being inspected.
Endpoint and network properties show how applications reach the service and whether public access or private endpoints are involved.
Identity and role assignment output shows which workload principals can call the resource or manage its configuration.
Diagnostic setting output confirms whether operational logs and metrics are being sent to Log Analytics, Event Hubs, or Storage.
Private endpoint connection states indicate whether the service is approved, pending, rejected, or disconnected from the intended network boundary.
Mapped Azure CLI commands
Document Intelligence operations
adjacent
az cognitiveservices account list --resource-group <resource-group>
az cognitiveservices accountdiscoverAI and Machine Learning
az cognitiveservices account show --name <account-name> --resource-group <resource-group>
az cognitiveservices accountdiscoverAI and Machine Learning
az cognitiveservices accountprovisionAI and Machine Learning
az cognitiveservices account keys list --name <account-name> --resource-group <resource-group>
az cognitiveservices account keysdiscoverAI and Machine Learning
az cognitiveservices account delete --name <account-name> --resource-group <resource-group>
az cognitiveservices accountremoveAI and Machine Learning
Architecture context
A seasoned Azure architect treats the Read model as an ingestion capability, not a full document-processing architecture by itself. The usual pattern starts with secure upload to Blob Storage, a queue or Event Grid trigger, a Function or workflow that calls Document Intelligence, and durable storage for results. Private endpoints and managed identities reduce exposure, while diagnostic logs and Application Insights help trace failed analyses. For high-volume processing, throttle handling, retry strategy, file-size limits, regional placement, and downstream storage design matter as much as OCR accuracy. The model also becomes an upstream dependency for search, compliance review, and generative AI grounding pipelines.
Security
Security impact is direct because the Read model processes documents that may contain customer data, contracts, personal identifiers, or regulated records. Protect the Document Intelligence resource with Microsoft Entra-based access where supported, private endpoints, network restrictions, key rotation, and controlled storage containers. Avoid sending document URLs that are publicly reachable or long-lived. Store extracted text with the same classification as the source document, because OCR output can expose sensitive content even when the original file is locked down. Diagnostic logs should capture operational evidence without leaking document payloads, and access to model results should be separated from access to submit documents.
Cost
Cost comes from Document Intelligence transactions, storage, orchestration, logging, and downstream processing. A Read model call may be cheap compared with manual review, but costs can grow quickly when every upload, duplicate file, failed retry, or reprocessing job triggers analysis. FinOps owners should watch page counts, batch size, retry loops, retention of extracted text, and whether expensive downstream AI workflows run on every OCR result. Storing searchable PDFs, full text, and bounding data can also increase storage and index costs. Good controls include deduplication, idempotency keys, lifecycle rules, budget alerts, and separate metering for production and experimentation Chargeback tags should distinguish experimentation, production intake, and replay batches clearly.
Reliability
Reliability depends on the whole document pipeline, not only the Read model. OCR calls can fail because of unsupported formats, oversized files, regional service issues, network restrictions, throttling, or downstream storage failures. Production designs should queue work, use idempotent job IDs, retry safely, preserve original files, and track analysis status until completion. Operators need a dead-letter path for documents that repeatedly fail and a way to replay batches after service recovery. If Read output feeds search or AI answers, stale or missing OCR results can quietly reduce quality, so monitor completion rates, latency, errors, and backlog depth Backlog alarms should include owner, source container, and replay instructions.
Performance
Performance depends on document size, page count, image quality, regional latency, service throttles, and downstream processing. The Read model is often part of an asynchronous pipeline, so operators should measure end-to-end processing time, not only API response time. Poor scans, large PDFs, retries, or over-parallelized batch jobs can create backlogs and delay search indexing or approvals. Co-locating storage, compute, and Document Intelligence resources reduces unnecessary latency. Use queues to smooth spikes, parallelize within documented limits, and capture timing for upload, analysis submission, completion polling, result storage, and downstream enrichment so bottlenecks are visible Baseline runs with representative files prevent unrealistic expectations from tiny demo documents.
Operations
Operators inspect Read model workflows through Document Intelligence Studio tests, API responses, diagnostic logs, storage queues, Function logs, and downstream records. Common work includes validating file formats, checking resource keys or identities, confirming private endpoint DNS, reviewing failed operation IDs, and comparing extracted text against source documents. Teams should document accepted file types, maximum sizes, retry rules, retention policy, and escalation paths for low-confidence output. For large batches, operators also track throughput, throttling, regional capacity, and processing backlog. A good runbook explains how to replay one document without duplicating results or losing audit history Versioned test documents should remain available for regression checks after model or workflow changes.
Common mistakes
Treating the Read model as a complete extraction solution when the workload also needs classification, validation, routing, or field-specific models.
Sending publicly accessible document URLs instead of using secured storage access or trusted application mediation.
Logging extracted text from sensitive documents into general-purpose application logs or support tickets.
Running unbounded retries that reprocess the same pages and inflate Document Intelligence and downstream search costs.
Ignoring private DNS and endpoint approval, which makes private OCR pipelines fail even when the resource exists.