How are client applications typically granted access to a cognitive services endpoint?

Client applications are typically granted access to a cognitive services endpoint by specifying a valid subscription key. This key serves as a unique identifier for the application and is part of the authentication process that ensures only authorized users and applications can utilize the cognitive service.

When developers create applications that use Microsoft Azure Cognitive Services, they must first obtain a subscription key from the Azure portal. This key is then included in the headers of API requests, which allows the cognitive service to verify that the application has the necessary permissions to access the resources. This method of securing access is critical for protecting sensitive data and managing usage by controlling access to the endpoints.

Other options do not correctly represent how access is managed. For instance, requiring a username and password would imply a different authentication method that is not typically used for Azure's cognitive services. Allowing access to anonymous users or providing default access to all applications undermines the security provided by subscription keys, making it crucial to use keys for proper access control.