Workleap.Extensions.Configuration.Secrets

This package allows storing configuration values in Azure Key Vault Secrets, using the right Azure credentials based on the current environment.

It can also be used to register ITokenCredentialProvider and ISecretClientProvider in IServiceCollection in order to access Azure credentials or a SecretClient instance.

Getting started

dotnet add package Workleap.Extensions.Configuration.Secrets

Example with an ASP.NET Core minimal API:

var builder = WebApplication.CreateBuilder();

// There are three ways to load configuration values from Azure Key Vault:
builder.Configuration.AddKeyVaultSecrets(builder.Environment);
builder.Configuration.AddKeyVaultSecrets(builder.Environment, new Uri("<my-key-vault-url>"));
builder.Configuration.AddKeyVaultSecrets(builder.Environment, "<my-configuration-key>");

// Register ITokenCredentialProvider and ISecretClientProvider services (optional)
builder.Services.AddKeyVaultSecrets();

Using the registered services

ITokenCredentialProvider and its public implementation TokenCredentialProvider provides an instance of TokenCredential based on the current environment:

ManagedIdentityCredential on a non-development environment,
Chained credentials of AzureCliCredential and ManagedIdentityCredential in development environment, or
CachedInteractiveBrowserCredential in development environment only when Fiddler is opened (Fiddler interferes with az login authentication).

var azureCredential = new TokenCredentialProvider(environment).GetTokenCredential(); // or
var azureCredential = services.GetRequiredService<ITokenCredentialProvider>().GetTokenCredential();

ISecretClientProvider and its public implementation SecretClientProvider provides an instance of SecretClient based on the current environment:

var secretClientProvider = new SecretClientProvider(configurationBuilder, environment); // or
var secretClientProvider = new SecretClientProvider(configuration, environment); // or
var secretClientProvider = services.GetRequiredService<ISecretClientProvider>();

var secretClient = secretClientProvider.GetSecretClient(keyVaultKind); // or
var secretClient = secretClientProvider.GetSecretClient(keyVaultUri); // or
var secretClient = secretClientProvider.GetSecretClient(configurationKey);

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

README.md

README.md

Workleap.Extensions.Configuration.Secrets

Getting started

Using the registered services

License

Files

README.md

Latest commit

History

README.md

File metadata and controls

Workleap.Extensions.Configuration.Secrets

Getting started

Using the registered services

License