Setting up Azure App Configuration authentication using certificates

Question

How do I setup to provide access to the Azure App Configuration using certificate ?

My application (.net framework 4.7.2 webApi) is on-prem

As I want to continue using the ConfigurationManager to initialize connectionStrings and appSettings I am using AzureAppConfigurationBuilder with AzureKeyVaultConfigBuilder from here

But as the 2 builders integrate based of Azure.Identity credential, I want to use Certificates to generate credentials for my use case

For keyVault we can link access by importing the certificate, but how do I setup the Azure App Configuration for the certificate access ?

Thanks

Answer 1

@Samuel Alexander Thank you for reaching out to Microsoft Q&A. Based on your statement and with AzureAppConfigurationBuilder in your app, you can use certificate as authentication.

The docs you shared; it makes use of DefaultAzureCredential method. You would need to extend the builder in your application code and override GetCredential() method with correct TokenCredential; ClientCertificateCredential for your scenario (Check Credential Classes for all supported types.). If you have any questions or face issues with extending the method, feel free to add a comment. I would be happy to assist you.

Note: The docs also talk about RBAC roles that are needed to access the configuration. Refer Azure built-in roles for Azure App Configuration for more info.

For .NetCore that use DefaultAzureCredential,you can change it to ClientCertificateCredential.

I hope this answers your question and feel free to add if you have any questions. Please 'Accept as answer' and ‘Upvote’ if it helped so that it can help others in the community.