Azure Key Vault Credential Provider Secret Path Expressions

Use the path expressions listed in this topic to use the Azure Key Vault credential providers in your source authentication configurations.

The Azure Key Vault Credential Provider can provide any field supported by Azure Key Vault , such as username and password secrets.

Generic Path Syntax

For Secrets: secrets://{credential-provider-source-name}/{secret-identifier}/{secret-key}

For Keys: secrets://{credential-provider-source-name}/{key-identifier}/{secret-key}

For Certificates: secrets://{credential-provider-source-name}/{certificate-identifier}/{secret-key}

The following is an explanation of the attributes of this URL:

  • credential-provider-source-name – The name of the credential provider source configured in ISC.

  • secret-identifier – The unique identifier of the secret created in Azure Key Vault.

  • key- identifier – The Unique identifier of the key created in Azure Key Vault.

  • certificate-identifier – The Unique identifier of the certificate created in Azure Key Vault.

  • secret-key – The name of the specific attribute whose value needs to be obtained from JSON response.

Important
The secret-identifier, key-identifier, and certificate-identifier include a version ID. To always fetch the latest value of the secret, key, or certificate, omit the version ID from the identifiers.

Note
The Unique Identifier of secrets, keys and certificates can be obtained by navigating to Key vaults > KeyVaultName > Objects > Secrets/Keys/Certificates > SecretName > LatestVersion