DefaultAzureCredential failed to retrieve a token from the included credentials.

Sean Ivins 0 Reputation points
2023-11-03T21:06:04.3933333+00:00

I'm trying to use DefaultAzureCredential in a .NET 6 application to access an Azure Key Vault in the following code block:

public static IHostBuilder CreateHostBuilder(
    string[] args) =>
        Host.CreateDefaultBuilder(args)
            .ConfigureAppConfiguration((context, config) =>
            {
                // Build the injected config to get the KeyVaultName
                var builtConfig = config.Build();

                // Add secrets from Key Vault
                config.AddAzureKeyVault(new Uri($"https://{builtConfig["KeyVaultName"]}.vault.azure.net/"), new DefaultAzureCredential());
            })
            .UseSerilog()
            .ConfigureWebHostDefaults(webBuilder =>
            {
                webBuilder.UseStartup
Azure Key Vault
Azure Key Vault
An Azure service that is used to manage and protect cryptographic keys and other secrets used by cloud apps and services.
1,165 questions
{count} votes

1 answer

Sort by: Most helpful
  1. Dronec 171 Reputation points
    2023-11-04T02:53:03.88+00:00

    VS is notorious for playing up with logged on credentials. I ended up creating a service principal that can access the resources I needed and specyfing its id and password in environmental variables on my dev machine. The variables are:

    AZURE_TENANT_ID

    AZURE_CLIENT_ID

    AZURE_CLIENT_SECRET

    DefaultAzureCredential works perfectly fine with them.