You can interact with Azure Key Vault in many ways: MasterKey, PowerShell, .NET, the RESTful API, Java, etc.
In this post I walk end to end through creating a "Secret" in Azure Key Vault and retrieving it from the console.
Step 1 - Create a Vault for your keys and secrets in Azure.
Step 2 - Create the Secret (some kind of connection string or key from a provider). I called it HMAC.
Step 3 - Probably the hardest: find all the bits and pieces needed to retrieve the secret. In order to get the "Secret" from Azure Key Vault you need authentication, which is provided by Azure Active Directory. So the next step is to register our application (the one that will be using Azure Key Vault). So let's go for it:
Azure Active Directory -> App Registrations -> New application registration
Step 4 - It is time to get the Application ID, also called the ClientID. (For security reasons some info has been removed, but as long as you have your ClientID, all will be fine.)
Step 5 - The next thing we need is the ClientSecret. Go to Settings -> Keys. Enter a name and a duration for the key. A new key will be generated automatically. That is your ClientSecret!
Step 6 - We are almost there with Azure. We just need to tell Key Vault to give access to our application from Azure Active Directory so that it can access the keys.
Home -> Your Key Vault -> Access Policies
Step 7 - Our application in Azure Active Directory will have to allow Azure Key Vault to access it. Go to Azure Active Directory -> App registrations -> [Our App Name] -> Settings -> Required Permissions -> Add -> Select API -> Azure Key Vault
Step 8 - Delegate permissions to the service.
Step 9 - A JSON file needs to be created for "MasterKey" (the program in charge of retrieving the secret). See below. Save it as azuresecret.json in the folder C:\usr\local\.masterkey\ .
Replace my ClientID with yours
Replace my ClientSecret with yours
Step 10 - Install MasterKey:
Step 11 - Execute the file with your Key Vault URL. This should be the result:
This proof of concept will help you not just to understand how Azure Key Vault works behind the scenes, but also to check whether the configuration is right.
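What happens behind the scenes in Steps 4 to 11, as an added example (not MasterKey's code and not part of the original post): the app exchanges its ClientID and ClientSecret for an Azure AD token, then presents that token to the Key Vault REST endpoint, and each HTTP failure points back at the step to re-check. The tenant ID, the `api_version` value and the `send` transport hook are assumptions of this sketch.

```python
import json
import urllib.error
import urllib.parse
import urllib.request

VAULT_RESOURCE = "https://vault.azure.net"  # audience Key Vault expects in the token


def token_request(tenant_id, client_id, client_secret):
    """Build the OAuth2 client-credentials request from the Step 4/5 values."""
    form = urllib.parse.urlencode({
        "grant_type": "client_credentials",
        "client_id": client_id,
        "client_secret": client_secret,
        "resource": VAULT_RESOURCE,
    }).encode()
    url = f"https://login.microsoftonline.com/{tenant_id}/oauth2/token"
    return urllib.request.Request(url, data=form, method="POST")


def secret_request(vault_url, name, token, api_version="7.4"):
    """Build the GET for one secret; the token travels as a Bearer header."""
    path = urllib.parse.quote(name, safe="")
    url = f"{vault_url.rstrip('/')}/secrets/{path}?api-version={api_version}"
    return urllib.request.Request(url, headers={"Authorization": f"Bearer {token}"})


def _http_send(req):
    with urllib.request.urlopen(req, timeout=10) as resp:
        return resp.read()


def fetch_secret(vault_url, name, tenant_id, client_id, client_secret, send=_http_send):
    """Run both calls; `send` (hypothetical hook) lets tests replace the network."""
    if not vault_url.lower().startswith("https://"):
        raise ValueError("vault URL must use https, or the token leaks in transit")
    try:
        reply = send(token_request(tenant_id, client_id, client_secret))
        token = json.loads(reply)["access_token"]
    except urllib.error.HTTPError as err:
        raise PermissionError(
            f"Azure AD rejected the app ({err.code}): check ClientID/ClientSecret (Steps 4-5)") from err
    try:
        return json.loads(send(secret_request(vault_url, name, token)))["value"]
    except urllib.error.HTTPError as err:
        hint = "the access policy (Step 6)" if err.code == 403 else "the vault URL and secret name"
        raise PermissionError(f"Key Vault returned {err.code}: check {hint}") from err
```

Supply the ClientSecret from an environment variable or a prompt when calling `fetch_secret`, so it never lands in source control or shell history.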