Events
Mar 17, 9 PM - Mar 21, 10 AM
Join the meetup series to build scalable AI solutions based on real-world use cases with fellow developers and experts.
Register nowAzure Key Vault Secrets configuration provider for Microsoft.Extensions.Configuration
The Azure.Extensions.AspNetCore.Configuration.Secrets package allows storing configuration values using Azure Key Vault Secrets.
Install the package with NuGet:
dotnet add package Azure.Extensions.AspNetCore.Configuration.Secrets
You need an Azure subscription and Azure Key Vault to use this package.
To create a new Key Vault, you can use the Azure Portal, Azure PowerShell, or the Azure CLI. Here's an example using the Azure CLI:
az keyvault create --name MyVault --resource-group MyResourceGroup --location westus
az keyvault secret set --vault-name MyVault --name MySecret --value "hVFkk965BuUv"
When using azure role-based access control, the identity you are authenticating has to have the "Key Vault Reader" and "Key Vault Secrets User" roles. The "Key Vault Reader" role allows the extension to list secrets while the "Key Vault Secrets User" allows retrieving their values.
az role assignment create --role "Key Vault Reader" --assignee {i.e user@microsoft.com} --scope /subscriptions/{subscriptionid}/resourcegroups/{resource-group-name}
az role assignment create --role "Key Vault Secrets User" --assignee {i.e user@microsoft.com} --scope /subscriptions/{subscriptionid}/resourcegroups/{resource-group-name}
We guarantee that all client instance methods are thread-safe and independent of each other (guideline). This ensures that the recommendation of reusing client instances is always safe, even across threads.
Client options | Accessing the response | Long-running operations | Handling failures | Diagnostics | Mocking | Client lifetime
To load initialize configuration from Azure Key Vault secrets call the AddAzureKeyVault on ConfigurationBuilder:
ConfigurationBuilder builder = new ConfigurationBuilder();
builder.AddAzureKeyVault(new Uri("<Vault URI>"), new DefaultAzureCredential());
IConfiguration configuration = builder.Build();
Console.WriteLine(configuration["MySecret"]);
The Azure Identity library provides easy Azure Active Directory support for authentication.
Read more about configuration in ASP.NET Core.
This project welcomes contributions and suggestions. Most contributions require you to agree to a Contributor License Agreement (CLA) declaring that you have the right to, and actually do, grant us the rights to use your contribution. For details, visit cla.microsoft.com.
This project has adopted the Microsoft Open Source Code of Conduct. For more information see the Code of Conduct FAQ or contact opencode@microsoft.com with any additional questions or comments.
Collaborate with us on GitHub
The source for this content can be found on GitHub, where you can also create and review issues and pull requests. For more information, see our contributor guide.
Azure SDK for .NET feedback
Azure SDK for .NET is an open source project. Select a link to provide feedback: