Categories: Microsoft AzureMicrosoft Office 365Microsoft Power Automate

Azure Key Vault and Power Automate

Can you keep a secret? Have you tried using Azure Key Vault with Power Automate? here is an overview of the Azure Key Vault connector.

The Azure Key Vault

I’ve create an Azure Key vault to keep hold of my secrets.

The Azure Key Vault Connector

There are 4 actions that will list information from the Azure Key Vault

  • List keys
  • list secrets
  • List Secret versions
  • List key version

When you add these action to your flow you will soon see … well, not very much. A greyed out Sign in button and a Vault name

Once you have supplied a Vault name, the sing in button will enable itself.

And when we run these actions the secrets and the keys are returned.

But most likely we would want the actual secret information behind each secret. We will need to use another item for this.

The Get Secret action will get the details of the secrets.

When we run this flow, we will get the actual secret information from the Key Vault.

How often do you use settings inside a flow? The Key Vault might quite well be a good place to store some of your flow settings. So often settings are stored in SharePoint, while really these settings aren’t anything that you want to share.

Wait a moment, but the flow run is now sharing my secret! That is easily solved. You could now secure the output from the above action, using the secure your input and output in flows setting.

Decrypt and Encrypt data

The next two actions to look at are the Decrypt data with key and the Encrypt data with key.

And when you try these options you will get the following message:

Operation failed because client does not have permission to perform the operation on the key vault. Please check your permissions in the key vault access policies.

that is a bit annoying!

The way to solve this tick the boxes for Decrypt and Encrypt in the Access Policies in your Vault.

Once you’ve done this, problem solved and you can encrypt and desrypt your data using the Key Vault

Now if you combine these actions you can collect the Secrets and keys and use them within flows, however there is no create a secret action in flow. There is however an option to do this from Powershell.

Share
Pieter Veenstra

Business Applications Microsoft MVP working as the Head of Power Platform at Vantage 365. You can contact me using contact@sharepains.com

View Comments

  • List secret step only returns 25 rows, seems to be a limitation. How can we overcome it to show all secrets in the KV?

    • I don't have an immediate solution, but I have forwarded this to the Power Automate Product team.

Leave a Comment
Published by
Pieter Veenstra
4 years ago

Recent Posts

Introducing 8 AI Functions for Dataverse in Power Apps

Recently Microsoft added AI Functions to Dataverse that can be used in Power Apps. In…

14 hours ago

Copy and paste Scope steps in the new Power Automate Designer

One of the outstanding issues with the new Power Automate Designer is Copy and Paste…

1 week ago

Receive the available storage within your SharePoint Online tenant

Within the SharePoint admin centre there is that little detailed overview, telling you the available…

4 weeks ago

Options for Documenting Your Power Apps: Comments, Code, and Controls

Within Power Apps there are various ways to document your app. In this post I'm…

1 month ago

2 ways to duplicate SharePoint Lists to support your Power Apps

Recently I've been asked quite a few times to duplicate SharePoint lists as part of…

1 month ago

Update a Hyperlink Column in SharePoint with Power Automate

Today, I was asked about how to create a lookup to a document or item…

1 month ago