- This library assumes you have an Azure Key Vault set up, along with user credentials with rights to access the vault.

Create new App Credentials
- Azure Active Directory > App registrations > New registration
  - Settings: Any
  - Copy the Application (client) ID

Create Secret for the New App Credentials
- Certificates & secrets > New client secret > Add
  - Copy the Value

Create a Security Group to Access the Key Vault
- Azure Active Directory > Groups > New Group
  - Settings:
    - Group Type: Security
    - Membership Type: Assigned
    - Members: Add the App Credentials created previously

Create the Key Vault
- Key vaults > Add > Create
  - Settings:
    - Add Access Policies:
      - Permissions: Set all to Get only
      - Select principal: Add the Security Group created earlier
    - Copy the DNS Name

Create a Secret to store in the Key Vault
- Secrets > Generate/Import > Create
  - Copy the Name and the Secret Identifier

- Create an instance of KeyVaultService using the App's credentials
    KeyVaultService kvs = new KeyVaultService("[Application (client) ID]", "[Application Client Secret Value]");
- Get the secret by using either:
  - The secret's Secret Identifier, or
      kvs.GetSecret("[Secret Identifier]");
  - The Key Vault's DNS Name and the Secret's Name
      kvs.GetSecret("[Key Vault DNS Name]", "[Secret Name]");
- Call KeyVaultService.Dispose() to end the session and remove the stored credentials
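
The two GetSecret forms above address the same object: a Secret Identifier is the vault's host plus /secrets/, the secret's Name and an optional version. The following is an added example, not part of this library: a hypothetical SecretIdentifier.Parse helper that splits an identifier read from configuration and rejects any value that does not point at a Key Vault host before the App's credentials are used with it. It assumes the Azure public cloud suffix .vault.azure.net, and the page does not state whether the library expects the DNS Name as a bare host or as a full https URL.

```csharp
using System;
using System.Text.RegularExpressions;

// Added example: not part of the KeyVaultService library.
public static class SecretIdentifier
{
    // Assumption: Azure public cloud, where vault hosts end in ".vault.azure.net".
    private const string VaultSuffix = ".vault.azure.net";
    // Key Vault object names: 1-127 characters, letters, digits and hyphens.
    private static readonly Regex Name = new Regex("^[0-9A-Za-z-]{1,127}$");

    // Splits "https://<vault host>/secrets/<name>[/<version>]" into its parts and
    // throws FormatException for anything that does not address a Key Vault secret.
    public static (string VaultHost, string SecretName, string Version) Parse(string identifier)
    {
        if (!Uri.TryCreate(identifier, UriKind.Absolute, out Uri uri))
            throw new FormatException("Not an absolute URI.");
        if (uri.Scheme != Uri.UriSchemeHttps || !uri.IsDefaultPort || uri.UserInfo.Length != 0)
            throw new FormatException("Expected https on the default port, without user info.");
        // Compare the parsed host, not the raw string, so that
        // "https://contoso.vault.azure.net.example/..." is rejected.
        if (!uri.Host.EndsWith(VaultSuffix, StringComparison.OrdinalIgnoreCase)
            || uri.Host.Length == VaultSuffix.Length)
            throw new FormatException("Host is not a Key Vault DNS name.");
        if (uri.Query.Length != 0 || uri.Fragment.Length != 0)
            throw new FormatException("Unexpected query or fragment.");

        string[] parts = uri.AbsolutePath.Trim('/').Split('/');
        if (parts.Length < 2 || parts.Length > 3 || parts[0] != "secrets" || !Name.IsMatch(parts[1]))
            throw new FormatException("Path must be /secrets/<name>[/<version>].");
        // An identifier without a version segment refers to the current version.
        return (uri.Host, parts[1], parts.Length == 3 ? parts[2] : "");
    }

    public static void Main()
    {
        // Constructed sample identifiers; "contoso" is a placeholder vault name.
        string[] samples = {
            "https://contoso.vault.azure.net/secrets/db-password/0123456789abcdef0123456789abcdef",
            "https://contoso.vault.azure.net.example/secrets/db-password",
            "http://contoso.vault.azure.net/secrets/db-password",
        };
        foreach (string s in samples)
        {
            try { Console.WriteLine($"{s} -> {Parse(s)}"); }
            catch (FormatException e) { Console.WriteLine($"{s} -> rejected: {e.Message}"); }
        }
    }
}
```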