How to use Key Vault reference locally in asp.net (framework) application

Bhavya Shah 25 Reputation points
2023-06-09T07:09:44.6533333+00:00

Key Vault reference works locally for DotNet Core apps (Functions, ASP.NET Core). But can we use Key Vault reference locally in ASP.NET (Framework) applications.

E.g.

In framework app, we read app setting values as follows:

using System.Configuration;

var mySecretValue = ConfigurationManager.AppSettings["myKey"];

In my web.config file the value of this key is a key vault reference:

<appSettings>

<add key="myKey" value="@Microsoft.KeyVault(SecretUri=https://myvault.vault.azure.net/secrets/myKey))"/>

</appSettings>

The above works fine when deployed on Azure App Service. I deploy the App Settings under App Service --> Configuration --> AppSettings. mySecretValue variables gets the value of the secret stored in KV.

But when this is run locally, it just gets the literal string stored in web.config file:

E.g.

Value of mySecretValue is @Microsoft.KeyVault(SecretUri=https://myvault.vault.azure.net/secrets/myKey))

It does not resolve the Key Vault reference.

Please note that I run Visual Studio as "Admin" and the Sign-in account in VS has permissions to the respective KV.

Please note that I cannot use Environment.GetEnvironmentVariable() in this case because it is ASP.NET (Framework) app.

Any pointers are appreciated.

Azure Key Vault
Azure Key Vault
An Azure service that is used to manage and protect cryptographic keys and other secrets used by cloud apps and services.
1,135 questions
ASP.NET
ASP.NET
A set of technologies in the .NET Framework for building web applications and XML web services.
3,288 questions
Accepted answer
  1. Lan Huang-MSFT 25,876 Reputation points Microsoft Vendor
    2023-06-09T07:56:50.3933333+00:00

    Hi @Bhavya Shah,

    Have you tried adding Key Vault to your web application using Visual Studio Connected Services.

    You can follow the documentation steps below and follow this tutorial and your Key Vault permissions will be set up to work with your own Azure subscription.

    Add Key Vault to your web application by using Visual Studio Connected Services

    You can also refer to the following documents:

    How to Override Web.config values with Azure KeyVault in .NET Framework 4.7.1

    On-prem ASP.NET Framework web app with Azure Key Vault

    Please note that I cannot use Environment.GetEnvironmentVariable() in this case because it is ASP.NET (Framework) app.

    By the way, the Environment.GetEnvironmentVariable method is also available in the .NET Framework.

    https://learn.microsoft.com/en-us/dotnet/api/system.environment.getenvironmentvariable?view=netframework-4.8

    Best regards,
    Lan Huang

    If the answer is the right solution, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

0 additional answers

Sort by: Most helpful
Most helpful Newest Oldest