public AzureKeyvaultService(IOptions <KeyvaultSettings> keyvaultOptions, AzureServiceTokenProvider azureServiceTokenProvider) { /* * The AzureServiceTokenProvider class (which is part of Microsoft.Azure.Services.AppAuthentication) tries the following methods to get an access token:- * 1. Managed Service Identity (MSI) - for scenarios where the code is deployed to Azure, and the Azure resource supports MSI. * 2. Azure CLI (for local development) - Azure CLI version 2.0.12 and above supports the get-access-token option. AzureServiceTokenProvider uses this option to get an access token for local development. * 3. Active Directory Integrated Authentication (for local development). To use integrated Windows authentication, your domain’s Active Directory must be federated with Azure Active Directory. Your application must be running on a domain-joined machine under a user’s domain credentials. */ _azureServiceTokenProvider = azureServiceTokenProvider; _keyvaultSettings = keyvaultOptions.Value; }
public static IWebHostBuilder CreateWebHostBuilder(string[] args) => WebHost.CreateDefaultBuilder(args) .ConfigureAppConfiguration((context, config) => { var builtConfig = config.Build(); var keyvaultSettings = new KeyvaultSettings(); builtConfig.Bind("Keyvault", keyvaultSettings); var keyVaultConfig = new ConfigurationBuilder() .AddAzureKeyVault( keyvaultSettings.Uri, keyvaultSettings.AppId, keyvaultSettings.Secret) .Build(); config.AddConfiguration(keyVaultConfig); }) .UseStartup <Startup>();