Azure SDK for JavaScript

Azure Key Vault SDK for JavaScript

The Azure Key Vault client library for JavaScript enables developers to securely store and manage cryptographic keys, secrets, and certificates. This library provides a convenient way to interact with Azure Key Vault from your Node.js or browser-based applications.

Key Features

  • Secure Secret Management: Store and retrieve sensitive information like API keys, connection strings, and passwords.
  • Cryptographic Key Operations: Generate, import, manage, and use cryptographic keys for encryption and signing.
  • Certificate Lifecycle Management: Import, manage, and automate the renewal of SSL/TLS certificates.
  • Integration with Azure Identity: Seamlessly authenticate to Azure Key Vault using managed identities, service principals, or user credentials.

Getting Started

To use the Azure Key Vault SDK, you first need to install the relevant packages using npm or yarn.

Installation

The primary package for interacting with Key Vault is @azure/keyvault-secrets for secrets, @azure/keyvault-keys for keys, and @azure/keyvault-certificates for certificates. You'll typically use @azure/identity for authentication.

npm install @azure/keyvault-secrets @azure/keyvault-keys @azure/keyvault-certificates @azure/identity

Authentication

The recommended way to authenticate is by using the DefaultAzureCredential from the @azure/identity package. This credential type attempts to authenticate using a variety of mechanisms in order, including environment variables, managed identity, and more.

import { DefaultAzureCredential } from "@azure/identity";
import { SecretClient } from "@azure/keyvault-secrets";

// Replace with your key vault name or URI
const vaultName = "YOUR_KEY_VAULT_NAME";
const url = `https://${vaultName}.vault.azure.net`;

const credential = new DefaultAzureCredential();
const client = new SecretClient(url, credential);

Working with Secrets

Here's an example of how to retrieve a secret from Azure Key Vault:

async function getSecret(secretName) {
    try {
        const secret = await client.getSecret(secretName);
        console.log(`The secret "${secretName}" is: ${secret.value}`);
    } catch (error) {
        console.error(`Error retrieving secret "${secretName}":`, error);
    }
}

// Example usage:
getSecret("my-api-key");

API Reference

For detailed information on all available methods and options, please refer to the official API documentation.

View Key Vault API Reference
Important: Always manage your Azure credentials securely. Avoid hardcoding secrets directly in your code. Use environment variables, Azure Key Vault itself, or managed identities.

Related Services