- Home>
- HSM-backed keys
Update: This post shows how to authenticate to azure key vault using app id/secret. However, this approach is less secure than using managed identity for azure resource and certificate for non-azure resource to grant the resource access to the key vault. For production environment, you should definitely consider using azure managed identity or certificate to authenticate and access azure key vault from your resource. Checkout my other post for more details.
In this blog post, I’ll show you the steps on how to keep the credentials out of the source code of an ASP.NET Core app using Azure Key Vault.
If you want some convincing examples why leaving secrets in the source code is bad, check out this post.
I assume you have some familiarity with developing an ASP.NET core 2 app. You also need an Azure subscription to register your application in Azure Active Directory and create an Azure key vault.
Basically the process involves these steps:
Checkout the sample app for this post from my Git repo.