Skip navigation

Authentication samples for Azure Key Vault using the Azure Java SDK

Last updated: 08/02/2018
Edit on GitHub

This sample repo contains sample code demonstrating common mechanisms for authenticating to an Auzure Key Vault vault.

Samples in this repo

  • KeyVaultADALAuthenticator -- authenticates to an Azure Key Vault by providing a callback to authenticate using ADAL.
  • KeyVaultCertificateAuthenticator -- authenticates to an Azure Key Vault through a service principal with a self signed certificate. This takes in a pem file with the certificate and private key.

Running the samples

  1. If not installed, install Java.

  2. Clone the repository. git clone

  3. Create an Azure service principal, using Azure CLI, PowerShell or Azure Portal. Note that if you wish to authenticate with the certificate authenticator the certificate should be saved locally.

  4. Export these environment variables into your current shell or IDE. AZURE_TENANT_ID={your tenant id} AZURE_CLIENT_ID={your service principal AppID} AZURE_CLIENT_SECRET={your application key} CERTIFICATE_PATH={absolute path to locally stored certificate} CERTIFICATE_PASSWORD={password for locally stored certificate}

AZURE_TENANT_ID, AZURE_CLIENT_ID, and AZURE_CLIENT_SECRET must be set for general Azure authentication.

For ADAL authentication, AZURE_CLIENT_ID and AZURE_CLIENT_SECRET must be set.

For certificate authentication, AZURE_CLIENT_ID, CERTIFICATE_PATH and CERTIFICATE_PASSWORD must be set.

  1. Run for a sample run through. This project uses maven so you can do so either through an IDE or on the command line.

More information