We are operating in an Azure Managed Identity environment, where I have a high-performance stdin/stdout process in which each process requests access to the Azure Key Vault to get secrets and settings for other Azure resources/components. But we experience that we do not get the token each time, as we have too many requests too fast, and we are requested to cache the token and refresh it when it has expired. That makes sense, but I am not able to find the correct/good way to do so. It seems that it is not built into the Java SDK for Azure.

I was hoping some of you have had experience in this and could guide me, please.

1 Answer

The best option here is to use the Azure Key Vault SDK, which manages the caching for you, so you don't need to do this yourself. See this page for all the different languages this SDK is available in: https://learn.microsoft.com/en-us/azure/key-vault/secrets/

You can simply pass the ManagedIdentityCredential, and the underlying getToken is then managed by the SDK, without you needing to get a token and figure out how to cache it.

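Example in Node:

const kvSecret = require('@azure/keyvault-secrets');
const identity = require('@azure/identity');

// Placeholder: replace with the URL of your own vault.
const keyVaultUrl = 'https://<your-vault-name>.vault.azure.net';

// Create the credential and the client once and reuse them for every request.
const credential = new identity.ManagedIdentityCredential();
const keyVaultClient = new kvSecret.SecretClient(keyVaultUrl, credential);

// await is only valid inside an async function in a CommonJS module.
async function readSecret(secretName) {
  const result = await keyVaultClient.getSecret(secretName);
  return result;
}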
udayxhegde
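The cache-and-refresh behaviour the question asks about, written as an added example (not code from the question, the answer or the Azure SDK): a wrapper that reuses a token until shortly before it expires and lets concurrent callers share one in-flight refresh. `CachingCredential`, `makeFakeCredential`, `demo` and the five-minute refresh margin are assumptions made here; the fake credential and its tokens are constructed so the block runs offline.

```javascript
// Wraps any credential whose getToken(scopes) resolves to { token, expiresOnTimestamp }.
class CachingCredential {
  constructor(inner, { refreshSkewMs = 5 * 60 * 1000, now = Date.now } = {}) {
    this.inner = inner;
    this.refreshSkewMs = refreshSkewMs; // refresh this long before expiry (assumed margin)
    this.now = now;                     // injectable clock, used by the demo below
    this.cache = new Map();             // scope key -> cached token
    this.inflight = new Map();          // scope key -> pending refresh promise
  }
  async getToken(scopes, options) {
    const key = [].concat(scopes).sort().join(' ');
    const cached = this.cache.get(key);
    // Still valid outside the refresh margin: answer from memory, no endpoint call.
    if (cached && cached.expiresOnTimestamp - this.refreshSkewMs > this.now()) return cached;
    let pending = this.inflight.get(key);
    if (!pending) {
      // The first caller starts the refresh; concurrent callers share the same promise.
      pending = Promise.resolve(this.inner.getToken(scopes, options))
        .then((tok) => { this.cache.set(key, tok); return tok; })
        .finally(() => this.inflight.delete(key)); // a failed refresh is never cached
      this.inflight.set(key, pending);
    }
    return pending;
  }
}

// Constructed stand-in for ManagedIdentityCredential that counts endpoint calls.
function makeFakeCredential(clock, lifetimeMs = 60 * 60 * 1000) {
  const fake = { calls: 0 };
  fake.getToken = async () => {
    const n = ++fake.calls;
    await new Promise((resolve) => setTimeout(resolve, 5)); // simulated latency
    return { token: `constructed-token-${n}`, expiresOnTimestamp: clock.t + lifetimeMs };
  };
  return fake;
}

async function demo() {
  const clock = { t: 0 };
  const fake = makeFakeCredential(clock);
  const cred = new CachingCredential(fake, { now: () => clock.t });
  const scope = 'https://vault.azure.net/.default';
  const burst = await Promise.all(Array.from({ length: 100 }, () => cred.getToken(scope)));
  const callsAfterBurst = fake.calls;
  clock.t = 56 * 60 * 1000; // inside the 5-minute margin, so a refresh is due
  const refreshed = await cred.getToken(scope);
  return { callsAfterBurst, distinctTokens: new Set(burst.map((t) => t.token)).size,
           callsAfterRefresh: fake.calls, refreshedToken: refreshed.token };
}
```

In `demo()`, 100 simultaneous requests result in a single call to the credential, and a second call happens only once the clock moves inside the refresh margin.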