Learn how to configure a Azure Key Vault Connection for Infisical.
Infisical currently only supports one method for connecting to Azure, which is OAuth.
Using the Azure Key Vault connection on a self-hosted instance of Infisical requires configuring an application in Azure
and registering your instance with it.
Prerequisites:
Set up Azure and have an existing Key Vault instance.
1
Create an application in Azure
Navigate to Azure Active Directory > App registrations to create a new application.
Azure Active Directory is now Microsoft Entra ID.
Create the application. As part of the form, set the Redirect URI to https://your-domain.com/organization/app-connections/azure/oauth/callback.
The domain you defined in the Redirect URI should be equivalent to the SITE_URL configured in your Infisical instance.
2
Assign API permissions to the application
For the Azure Connection to work with Key Vault, you need to assign multiple permissions to the application.
Navigate to the App Connections tab on the Organization Settings page.
2
Add Connection
Select the Azure Connection option from the connection options modal.
3
Authorize Connection
You can optionally authenticate against a specific tenant by providing the Azure Tenant or Directory ID.
Now select the OAuth method and click Connect to Azure.
4
Grant Access
You will then be redirected to Azure to grant Infisical access to your Azure account. Once granted,
you will redirect you back to Infisical’s App Connections page.
5
Connection Created
Your Azure Key Vault Connection is now available for use.
