I am using a REST call to connect to Azure Key Vault from my app deployed on an Azure VM. Code below:

    // msiEndpoint: http://169.254.169.254/metadata/identity/oauth2/token?api-version=2018-02-01&resource=https%3A%2F%2Fvault.azure.net
    URL url = new URL(msiEndpoint);
    HttpURLConnection con = (HttpURLConnection) url.openConnection();
    con.setRequestMethod(Keyvault.HTTPS_METHOD_GET);
    // The instance metadata service rejects requests without this header
    con.setRequestProperty("Metadata", "true");
    if (Keyvault.HTTPS_SUCCESS_CODE != con.getResponseCode()) {
        throw new Exception("Error calling managed identity token endpoint.");
    } else {
        // Deserialize the JSON token response with Jackson
        InputStream responseStream = con.getInputStream();
        ObjectMapper objectMapper = new ObjectMapper();
        Token token = objectMapper.readValue(responseStream, Token.class);
        accessToken = token.getAccess_token();
    }

This retrieves the value accessToken, where Token is an inner private static class with these variables:

    private String access_token = null;
    private String expires_in = null;
    private String token_type = null;

This code, when deployed on an Azure VM, connects fine and is able to retrieve secrets. But when I try to run it locally, it cannot connect to Key Vault in the absence of MSI. I am using a user-assigned identity here, and I would like to know how to establish the connection with it, or any other way of doing it from the code itself. Thanks!
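
Added example, not part of the original question: the metadata address 169.254.169.254 is link-local and only answers from inside an Azure resource, so the sketch below keeps the same token call on the VM (selecting the user-assigned identity with `client_id`) and falls back to a service principal's client-credentials grant when that address cannot be reached. The class name and the `MSI_CLIENT_ID` variable are assumptions, `AZURE_TENANT_ID`, `AZURE_CLIENT_ID` and `AZURE_CLIENT_SECRET` are assumed to describe a development service principal, and the code needs Java 10+ and Jackson.

```java
import com.fasterxml.jackson.databind.ObjectMapper;
import java.io.*;
import java.net.*;
import java.nio.charset.StandardCharsets;

public class VaultTokenProvider { // hypothetical class name
    private static final String RESOURCE = "https://vault.azure.net";

    // Managed identity on the VM; service principal when IMDS cannot be reached (dev machine).
    public static String getAccessToken() throws IOException {
        try {
            return fromManagedIdentity(System.getenv("MSI_CLIENT_ID")); // assumed variable name
        } catch (IOException e) { // e.g. connect timeout off Azure; HTTP error statuses are not caught
            return fromServicePrincipal();
        }
    }

    static String fromManagedIdentity(String clientId) throws IOException {
        String url = "http://169.254.169.254/metadata/identity/oauth2/token?api-version=2018-02-01"
                + "&resource=" + enc(RESOURCE)
                + (clientId == null ? "" : "&client_id=" + enc(clientId)); // pick the user-assigned identity
        HttpURLConnection con = (HttpURLConnection) new URL(url).openConnection();
        con.setConnectTimeout(2000); // link-local address: fail fast outside Azure
        con.setReadTimeout(5000);
        con.setRequestProperty("Metadata", "true");
        return readToken(con);
    }

    static String fromServicePrincipal() throws IOException {
        String form = "grant_type=client_credentials"
                + "&client_id=" + enc(env("AZURE_CLIENT_ID"))
                + "&client_secret=" + enc(env("AZURE_CLIENT_SECRET")) // from the environment, never from source
                + "&scope=" + enc(RESOURCE + "/.default");
        URL url = new URL("https://login.microsoftonline.com/" + enc(env("AZURE_TENANT_ID")) + "/oauth2/v2.0/token");
        HttpURLConnection con = (HttpURLConnection) url.openConnection();
        con.setRequestMethod("POST");
        con.setDoOutput(true);
        con.setRequestProperty("Content-Type", "application/x-www-form-urlencoded");
        try (OutputStream out = con.getOutputStream()) { out.write(form.getBytes(StandardCharsets.UTF_8)); }
        return readToken(con);
    }

    private static String readToken(HttpURLConnection con) throws IOException {
        if (con.getResponseCode() != 200) throw new IllegalStateException("token endpoint: HTTP " + con.getResponseCode());
        try (InputStream in = con.getInputStream()) { return new ObjectMapper().readTree(in).path("access_token").asText(); }
    }
    private static String env(String n) { return java.util.Objects.requireNonNull(System.getenv(n), n + " is not set"); }
    private static String enc(String s) { return URLEncoder.encode(s, StandardCharsets.UTF_8); }
}
```

The service principal needs its own permission on the vault, and its secret belongs in the developer's environment or a secret store rather than in the repository.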