The Azure Code Samples are currently available in English

Authentication samples for Azure Key Vault using the Azure Java SDK

This sample repo contains sample code demonstrating common mechanisms for authenticating to an Azure Key Vault.

Samples in this repo

  • KeyVaultCertificateAuthenticator -- authenticates to an Azure Key Vault through a service principal with a self signed certificate. This takes in a pem file with the certificate and private key. This is the recommended way to authenticate to Key Vault.
  • KeyVaultADALAuthenticator -- authenticates to an Azure Key Vault by providing a callback to authenticate using ADAL.


  • Java 1.7+
  • An Azure Service Principal, through Azure CLI, PowerShell or Azure Portal.
  • A self signed certificate, uploaded to your service principal through Azure Portal or Powershell.

Running the samples

  1. If not installed, install Java.

  2. Clone the repository. bash git clone

  3. Create an Azure service principal, using Azure CLI, PowerShell or Azure Portal. Note that if you wish to authenticate with the certificate authenticator the certificate should be saved locally.

  4. Use an authentication file to authenticate to the Azure management plane.

  5. Add these variables to pom.xml for a demo of certificate authentication. Note that CERTIFICATE_PASSWORD is optional depending on whether or not your .pem file requires a certificate. ```xml AZURE_TENANT_ID {AZURE_TENANT_ID} AZURE_CLIENT_ID {AZURE_CLIENT_ID} AZURE_AUTH_LOCATION {AZURE_AUTH_LOCATION} CERTIFICATE_PATH {CERTIFICATE_PATH} CERTIFICATE_PASSWORD {CERTIFICATE_PASSWORD}

For ADAL authentication, AZURE_CLIENT_ID and AZURE_CLIENT_SECRET also must be set.

5. Run ```mvn clean compile exec:java``` for a sample run through.

## More information

* [What is Key Vault?](
* [Get started with Azure Key Vault](
* [Azure Key Vault General Documentation](
* [Azure Key Vault REST API Reference](
* [Azure SDK for Java Documentation](
* [Azure Active Directory Documenation](