Using Azure Key Vault

Create a Key Vault

Log on to the Azure portal (portal.azure.com). Define a new Key Vault with a namo of your choice. Then create an App registration with and a client secret that has the neccesary access to the Key Vault. You need to keep the following data from the portal to store in F&O.

• DNS Name of the Key vault (Key Vault URL)
• The App registration's Client Id (Key Vault client)
• Client secret for the App registration (Key Vault secret key)

Setting up Key Vault Parameters

System administration | Setup | Key Vault parameters

Open the menu item in the desired company. Add a new record and give it a name and description. The three values above is placed in the fields mentioned in the parenthesis. I reccomend to use the name of your Azure Key Vault as the name in Finance and Operations, this makes it easier over time to maintain several environments and key vaults. Remember that the data in the Key Vault Parameters are stored per company.

Secrets

You can now add as many secrets you need. Give your secret a name and a description. The secret field must have the following syntax:

vault://[keyvaultname]/[secretname]

I use the name of the secret from the key vault as the name in Finance and Operations as well. This makes it easier to maintain over time, as this setup is normally done once and then not touched before the secret expires after a year or two.