This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(9.6, 84%, 10%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EW%3C/text%3E%3C/svg%3E)
Hello,
I am trying to access the Azure secret via a C# console application. It works when I am in the debug mode as I registered myself in the Azure policy. However, if I just run the "exe", I receive the following error. What should I register in order to let the machine or console app to run?
Azure.Identity.CredentialUnavailableException: DefaultAzureCredential failed to retrieve a token from the included credentials
Thanks in advance!
Hello @Wanda ,
Hope you got a chance to review the answer suggested below. Kindly confirm if you have any further queries on this. In case you don't, please "Accept the answer". This will help us and others in the community as well.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(211.20000000000002, 61%, 30%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EBS%3C/text%3E%3C/svg%3E)
what authentication are you using to access the keyvault?
connection string
client secret
msal
string keyVaultName = ConfigurationManager.AppSettings["KEY_VAULT_NAME"];
var kvUri = $"https://{keyVaultName}.vault.azure.net";
var client = new SecretClient(new Uri(kvUri), new DefaultAzureCredential());
Console.WriteLine($"Retrieving your secret from {keyVaultName}.");
var secret = client.GetSecret(secretName);
Console.WriteLine($"Your secret is '{secret.Value.Value}'.");
Hello @Wanda ,
I was able to check through this and found that this is a known error while retrieving secret from key vault as per ref: https://techcommunity.microsoft.com/t5/iis-support-blog/defaultazurecredential-failed-to-retrieve-a-token/ba-p/3038734. Kindly follow the given actions :
In order to solve this issue in a local machine:
Thanks,
Akshay Kaushik
Please "Accept the answer" if the information helped you. This will help us and others in the community as well.
Hi Akshay,
The challenge is I have AZURE_CLIENT_ID, AZURE_CLIENT_SECRET all in the Azure Key Vault since I want to save these variables in a secure way instead of having them in the environment variables. How safe is it to have the AZURE_CLIENT_SECRET in the environment variables? I initially have them all in the machine.config and decide to move them to Azure Key Vault.
Please advise.
Hello @Wanda ,
The console application code is using 'DefaultAzureCredential()' for authentication to key vault, which is using token from application managed identity to authenticate. It is also using exponential backoff for retries in case of key vault is being throttled.
Also, I have sent you a private message, kindly review this comment let me know in case you have any further queries (as per defined in private comment.)
Hello @Wanda ,
I am following up to see if you got a chance to review my comment above. kindly review this comment let me know in case you have any further queries (as per defined in private comment.) If no, then please "Accept the answer" if the information helped you. This will help us and others in the community as well.