This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(214.4, 35%, 30%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EFR%3C/text%3E%3C/svg%3E)
I'm working to remove secrets, like connection strings, passwords, etc. from our source code saved in Git repositories. One solution that looks very promising it storing secrets in Azure Key Vault. So, that's what I've been investigating.
We need to do this for on-prem, behind our security system, Intranet apps, which aren't exposed on the Internet. To test this, I've created an Azure Key Vault and put some secrets into it. Then I've written a simple .NET 8 console app, to try and find the secrets. I had been following this Microsoft Learn tutorial. I can get everything, but the ClientSecret. So, I've been trying to find that, which led me to this post on Stack Overflow.
Now I'm confused, because it looks to me like the app must be accessible from the Internet in some way, so that I can register it in Azure. However, if it is an Intranet app or a Windows app running behind our firewall, I don't see how that can happen.
Am I misunderstanding this? If it is possible to read secrets from an Azure Key Vault by an Intranet web app or a Windows app that only runs within our network, how is that done?
This answer has been deleted due to a violation of our Code of Conduct. The answer was manually reported or identified through automated detection before action was taken. Please refer to our Code of Conduct for more information.
Comments have been turned off. Learn more
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(281.6, 17%, 37%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EGM%3C/text%3E%3C/svg%3E)
@Falanga, Rod, DOH Thank you for reaching out to us, As I understand you are looking to access secrets saved in Azure Key Vault from an on-prem app ?
Came across this post where similar requirement has been discussed.
https://stackoverflow.com/questions/49904715/use-azure-vault-secret-from-onpremise-web-application
Also could you help what kind of application do you have in on-premise ?
Let me know if you have any further questions, feel free to post back.
@Givary-MSFT we have two types. We have ASP.NET (both .NET Framework and .NET Core) apps that run as intranet web apps and exposed to the Interent for external customers. Then the other type is Windows applications, specifically WPF apps, all current written using .NET Framework 4.5.2 or above.