Azure Key Vault is a cloud service that provides a secure store for secrets. You can securely store keys, passwords, certificates, and other secrets. Azure key vaults may be created and managed through the Azure portal. In this Blueprint we show how to get a secret from Azure Key Vault using a REST API request.
- 1 x Flow
- Create your own application (Integrate any other application you don't find in the gallery (Non-gallery)) in Enterprise applications in Azure AD.
- Assign Key Vault access policy for the application (see https://learn.microsoft.com/en-us/azure/key-vault/general/assign-access-policy). Secret permissions need to be set to minimum Get.
Add the following setting(s) to Onify. Replace <TENANTID>, <CLIENTID> and <CLIENTSECRET> with correct values.
{
  "key": "_azure_credentials",
  "name": "Microsoft Azure credentials",
  "value": "{\"tenant\":\"<TENANTID>\", \"client_id\":\"<CLIENTID>\", \"client_secret\":\"<CLIENTSECRET>\"}",
  "type": "object",
  "tag": [
    "azure",
    "credentials",
    "frontend"
  ],
  "category": "custom",
  "role": [
    "admin"
  ]
}
- Open the BPMN diagram in Camunda Modeler.
- Deploy the BPMN diagram (click Deploy current diagram and follow the steps).
This workflow should be run as an ad hoc workflow and can be part of another process.
Here is an example of how to get a secret using a simple curl command.
curl -X 'POST' \
  'http://localhost:8181/api/v2/my/workflows/run/azure-keyvault-get-secret?timeout=60' \
  -H 'accept: application/json' \
  -H 'authorization: {auth-token}' \
  -H 'Content-Type: application/json' \
  -d '{
    "secretIdentifier" : "{vaultBaseUrl}/secrets/{secret-name}/{secret-version}"
  }'
And here is the result:
{
  "output": {
    "value": "mysecret",
    "contentType": ""
  },
  "status": {
    "statuskey": "complete"
  }
}
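The secretIdentifier in the request body is a full URL, so it is worth checking it against the documented {vaultBaseUrl}/secrets/{secret-name}/{secret-version} form before an Azure access token is attached to a request for it. The following JavaScript is an added example, not part of the Blueprint or Onify's code; it assumes the identifier is forwarded to Key Vault as-is, and the function name, the allow-list, the vault name and the api-version value are assumptions.

```javascript
// Added example: validate a secretIdentifier before a bearer token is sent to it.
// ALLOWED_VAULT_HOSTS is a hypothetical allow-list; the vault name is constructed.
const ALLOWED_VAULT_HOSTS = new Set(['contoso-prod-kv.vault.azure.net']);

// Key Vault secret names: 1-127 characters, alphanumerics and hyphens only.
const SECRET_NAME = /^[0-9A-Za-z-]{1,127}$/;
// Secret versions are 32 hex characters; the version segment is optional.
const SECRET_VERSION = /^[0-9a-f]{32}$/i;

function parseSecretIdentifier(secretIdentifier, allowedHosts = ALLOWED_VAULT_HOSTS) {
  let url;
  try {
    url = new URL(secretIdentifier);
  } catch {
    throw new Error('secretIdentifier is not a valid URL');
  }
  if (url.protocol !== 'https:') throw new Error('secretIdentifier must use https');
  if (url.username || url.password || url.port || url.search || url.hash) {
    throw new Error('secretIdentifier must not carry credentials, port, query or fragment');
  }
  // Exact host match: a suffix or substring check would accept look-alike hosts.
  const host = url.hostname.toLowerCase();
  if (!allowedHosts.has(host)) throw new Error(`vault host not allowed: ${host}`);

  // Expect exactly /secrets/{secret-name} or /secrets/{secret-name}/{secret-version}.
  const segments = url.pathname.split('/').slice(1);
  if (segments.length < 2 || segments.length > 3 || segments[0] !== 'secrets') {
    throw new Error('secretIdentifier path must be /secrets/{secret-name}[/{secret-version}]');
  }
  const [, name, version = null] = segments;
  if (!SECRET_NAME.test(name)) throw new Error('invalid secret name');
  if (version !== null && !SECRET_VERSION.test(version)) throw new Error('invalid secret version');

  return {
    vaultBaseUrl: `https://${host}`,
    name,
    version,
    // api-version value is an assumption about which Key Vault REST API version is called.
    requestUrl: `https://${host}/secrets/${name}${version ? '/' + version : ''}?api-version=7.4`
  };
}
```

Keeping the allow-list to the vaults the application was granted Get on means the workflow cannot be pointed at a host outside that set.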
- Community/forum: https://support.onify.co/discuss
- Documentation: https://support.onify.co/docs
- Support and SLA: https://support.onify.co/docs/get-support
This project is licensed under the MIT License - see the LICENSE file for details.