Azure Notification Hubs
An Azure service that is used to send push notifications to all major platforms from the cloud or on-premises environments.
262 questions
Azure Notification Hub where to specify connection info?
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(108.80000000000001, 99%, 20%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ES%3C/text%3E%3C/svg%3E)
SSB
86
Reputation points
Hi,
I am following the tutorial in the link below to send push notifications from my WebAPI - they are saying to specify the Notification Hub Name and the Connection string using dotnet user-secrets
Is there anyway i can just set these in the code directly?
or via the appsettings.json file?
I know its not best-practice, but this is a small app right now
dotnet user-secrets init
dotnet user-secrets set "NotificationHub:Name" <value>
dotnet user-secrets set "NotificationHub:ConnectionString" <value>
{count} votes
-
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(153.6, 92%, 24%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
ajkuma 22,401 Reputation points Microsoft Employee2021-03-22T16:16:36.827+00:00 @SSB , Thanks for the question. Yes. as outlined in the doc, a more secure approach is to store the password as a secret.
As in general case, you can try with database connection string stored in appsettings.json.
Environment variables are used to avoid storage of app secrets in code or in local configuration files. Environment variables override configuration values for all previously specified configuration sources.In a test case, consider an ASP.NET Core app in which Individual User Accounts security is enabled. A default database connection string is included in the project's appsettings.json file with the key DefaultConnection. The default connection string is for LocalDB, which runs in user mode and doesn't require a password.
During app deployment, the DefaultConnection key value can be overridden with an environment variable's value. The environment variable may store the complete connection string with sensitive credentials.
See 'Important':
-
ajkuma 22,401 Reputation points Microsoft Employee
2021-03-22T16:18:29.827+00:00 @SSB , Adding more to the above:
Important:As you mentioned, it’s not a best practice, just sharing for additional info. Environment variables are generally stored in plain, unencrypted text. If the machine or process is compromised, environment variables can be accessed by untrusted parties. Additional measures to prevent disclosure of user secrets may be required.Never store passwords or other sensitive data in source code. Production secrets shouldn't be used for development or test. Secrets shouldn't be deployed with the app. Instead, production secrets should be accessed through a controlled means like environment variables or Azure Key Vault. You can store and protect Azure test and production secrets with the Azure Key Vault configuration provider.
Example:
{
"ConnectionStrings": {
"Testspace": "Server=(localdb)\mssqllocaldb;Database=Testspace-1;User Id=Testuser;Password=randompassword;MultipleActiveResultSets=true"
}
} -
ajkuma 22,401 Reputation points Microsoft Employee
2021-03-22T16:23:30.68+00:00 P.S. I have added additional tags to receive insights from the respective SMEs/community.
-
SSB 86 Reputation points
2021-03-23T19:06:42.777+00:00 Hi does this apply for the Notification Hubs connections as well? Or just databases?
I'm not clear how to set the Azure Notification Hub Name and Notification Connection
-
ajkuma 22,401 Reputation points Microsoft Employee
2021-03-25T15:11:11.86+00:00 @SSB , I understand you have stated "I know its not best-practice, but this is a small app right now" , could you please share the underlying requirement to not use dotnet user-secrets?
If it fits your requirement, the other best option would to be use KeyVault to store the connection string and hub name as per 'Azure Key Vault configuration provider in ASP.NET Core | Microsoft Learn'As noted, it is not considered best practice to leave the connection string unencrypted locally.
-
SSB 86 Reputation points
2021-03-26T09:19:09.317+00:00 This is just for testing purposes. Also what if I need to connect to two different Hubs for example? how does one set the connection string to Azure Notification centers?
-
ajkuma 22,401 Reputation points Microsoft Employee
2021-03-28T18:02:29.813+00:00 Thanks for the update. If I have understood you correctly, different apps should use separate key vaults to isolate app environments for the highest level of security. However, do not use prefixes on key vault secrets to place secrets for multiple apps into the same vault.
Sign in to comment