I'm trying to leverage the Azure Key Vault REST APIs. I've written a small snippet of code to try to get a key:
private static async Task<object> GetKey(string uri, string token)
{
HttpClient client = new HttpClient();
client.DefaultRequestHeaders.Add("Authorization", "Bearer " + token);
HttpResponseMessage resp = await client.GetAsync(uri);
return resp.Content.ReadAsStringAsync().Result;
}
I'm calling it with
var test = GetKey(
@"https://<myVault>.vault.azure.net/keys/Test/1?api-version=2016-10-01",
token
);
where "Test" is the name of key in . I believe that my access token is correct as I am able to get a list of Vaults that are in Azure. I'm not sure what is going wrong.
My API Registration in Azure has full access to the Key Vault, and is listed as an owner in AAD. The key vault is listed on all networks, even public. Interestingly though, if I use the "try it" feature in the azure documentation with the same parameters, I get a 404 response which I believe could be part of the issue?
Is it possible I need to authenticate to a different resource since this isn't a management API?