Share via


KeyClient.BackupKey(String, CancellationToken) Method

Definition

Requests that a backup of the specified key be downloaded to the client.

public virtual Azure.Response<byte[]> BackupKey (string name, System.Threading.CancellationToken cancellationToken = default);
abstract member BackupKey : string * System.Threading.CancellationToken -> Azure.Response<byte[]>
override this.BackupKey : string * System.Threading.CancellationToken -> Azure.Response<byte[]>
Public Overridable Function BackupKey (name As String, Optional cancellationToken As CancellationToken = Nothing) As Response(Of Byte())

Parameters

name
String

The name of the key.

cancellationToken
CancellationToken

A CancellationToken controlling the request lifetime.

Returns

Exceptions

name is an empty string.

name is null.

The server returned an error. See Message for details returned from the server.

Remarks

The Key Backup operation exports a key from Azure Key Vault in a protected form. Note that this operation does NOT return the actual key in a form that can be used outside the Azure Key Vault system, the returned key is either protected to a Azure Key Vault HSM or to Azure Key Vault itself. The intent of this operation is to allow a client to GENERATE a key in one Azure Key Vault instance, BACKUP the key, and then RESTORE it into another Azure Key Vault instance. The BACKUP operation may be used to export, in protected form, any key type from Azure Key Vault. Individual versions of a key cannot be backed up. BACKUP / RESTORE can be performed within geographical boundaries only; meaning that a BACKUP from one geographical area cannot be restored to another geographical area. For example, a backup from the US geographical area cannot be restored in an EU geographical area. This operation requires the key/backup permission.

Applies to