ReadEndless

Read, Learn, Grow.

Azure Key Vault in .NET Core

Intro

TitleURL
Key Vault
Safeguard cryptographic keys and other secrets used by cloud apps and services		https://azure.microsoft.com/en-us/services/key-vault/
About Azure Key Vaulthttps://docs.microsoft.com/en-us/azure/key-vault/general/overview
Microsoft identity platform and OAuth 2.0 On-Behalf-Of flowhttps://docs.microsoft.com/en-us/azure/active-directory/develop/v2-oauth2-on-behalf-of-flow
How to fix “The policy requires the caller ‘…’ to use on-behalf-of (OBO) flow” when accessing Key Vault from App Service?https://docs.microsoft.com/en-us/answers/questions/117610/how-to-fix-34the-policy-requires-the-caller-3939-t.html

Azure Key Vault helps solve the following problems:

  • Secrets Management – Azure Key Vault can be used to Securely store and tightly control access to tokens, passwords, certificates, API keys, and other secrets
  • Key Management – Azure Key Vault can be used as a Key Management solution. Azure Key Vault makes it easy to create and control the encryption keys used to encrypt your data.
  • Certificate Management – Azure Key Vault lets you easily provision, manage, and deploy public and private Transport Layer Security/Secure Sockets Layer (TLS/SSL) certificates for use with Azure and your internal connected resources.
https://docs.microsoft.com/en-us/azure/key-vault/general/overview
How to securely store and load secrets using Azure Key Vault in .NET Core (using a certificate)
How to – Read Secret from Azure Key Vault using SecretClient class – Console App C#
https://nishantrana.me/2020/11/27/read-secret-from-azure-key-vault-using-secretclient-class-console-app-c/

https://www.c-sharpcorner.com/blogs/fetching-secrets-from-key-vault-in-net-console-app

public class Program
{
    static async Task Main()
    {
        string tenantId = "...";
        string clientId = "...";
        string clientSecret = "...";
        ClientSecretCredential clientSecretCredential = new ClientSecretCredential(tenantId, clientId, clientSecret);
        string vaultUrl = "https://app-name.vault.azure.net/";
        var client = new SecretClient(vaultUri: new Uri(vaultUrl), credential: clientSecretCredential);
        Response<KeyVaultSecret> response = await client.GetSecretAsync("AppSettings-CoinbaseProClient-ApiKey");
        Console.WriteLine(response);
    }
}

How can we get tenant id, client id and client secret for Azure Function App?

https://stackoverflow.com/questions/63776418/how-can-we-get-tenant-id-client-id-and-client-secret-for-azure-function-app

App registrations

ReadEndless

Leave a Reply

%d bloggers like this: