0
votes

I have two secrets in one Azure Key Vault, Secret-1 and Secret-2. Using the Client ID, Client Secret, and base URL, I am able to access Secret-1, but Secret-2, which is in the same Azure Key Vault, is not accessible. It throws the error "Microsoft.Azure.KeyVault: Operation returned an invalid status code 'NotFound'". Can someone please suggest what we might be missing that leaves us unable to access "Secret-2"?

  • Code

main function code

using System.Threading.Tasks;
using Microsoft.Azure.KeyVault;
using Microsoft.Azure.KeyVault.Models;
using Microsoft.IdentityModel.Clients.ActiveDirectory;

// baseSecretURI, secretName, clientID and clientSecret are static fields defined elsewhere in the class.
static void Main()
{
    // The client calls GetToken whenever it needs a bearer token for the vault.
    var kvc = new KeyVaultClient(new KeyVaultClient.AuthenticationCallback(GetToken));

    // Builds the full secret identifier: <vault base URL>secrets/<secret name>
    SecretBundle secret = Task.Run(() => kvc.GetSecretAsync(baseSecretURI + @"secrets/" + secretName))
        .ConfigureAwait(false).GetAwaiter().GetResult();
}

public static async Task<string> GetToken(string authority, string resource, string scope)
{
    var authContext = new AuthenticationContext(authority);
    ClientCredential clientCred = new ClientCredential(clientID, clientSecret);
    AuthenticationResult result = await authContext.AcquireTokenAsync(resource, clientCred);

    if (result == null)
        throw new System.InvalidOperationException("Failed to obtain the JWT token");

    return result.AccessToken; // error thrown at this line when trying to access Secret-2
}

1 Answer

0
votes

The NotFound error is usually an indicator that there is not a secret in the instance of Azure Key Vault that matches what you are requesting. Can you confirm that there is a secret with the name of what you are requesting in the instance of Azure Key Vault?

Workaround: Remove the secret from the key vault and generate a new one and try again.

I tested with the following code, which comes from the code you provided.

var kvc = new KeyVaultClient(async (authority, resource, scope) =>
    {
        var adCredential = new ClientCredential(clientId, clientSecret);
        var authenticationContext = new Microsoft.IdentityModel.Clients.ActiveDirectory.AuthenticationContext(authority, null);
        var authenticationResult = await authenticationContext.AcquireTokenAsync(resource, adCredential);
        return authenticationResult.AccessToken;
    });
SecretBundle secret = Task.Run(() => kvc.GetSecretAsync(baseSecretURI + @"secrets/" + secretName)).ConfigureAwait(false).GetAwaiter().GetResult();
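
To confirm whether the requested name actually exists in the vault, as the answer asks, the lookup can be wrapped so that a NotFound response prints the secret names the vault does contain. This is an added example, not part of the original answer; the class and method names are hypothetical, and it assumes the application's access policy grants the List secret permission in addition to Get.

```csharp
using System;
using System.Collections.Generic;
using System.Net;
using System.Threading.Tasks;
using Microsoft.Azure.KeyVault;
using Microsoft.Azure.KeyVault.Models;
using Microsoft.Rest.Azure;

// Hypothetical diagnostic helper (not from the post).
public static class SecretLookupDiagnostics
{
    // kvc is an already authenticated KeyVaultClient;
    // vaultBaseUrl has the form "https://<vault-name>.vault.azure.net/".
    public static async Task<SecretBundle> GetSecretOrExplainAsync(
        KeyVaultClient kvc, string vaultBaseUrl, string secretName)
    {
        try
        {
            // Two-argument overload: the SDK builds the request URL itself,
            // so no manual "secrets/" string concatenation is involved.
            return await kvc.GetSecretAsync(vaultBaseUrl, secretName);
        }
        catch (KeyVaultErrorException ex)
            when (ex.Response?.StatusCode == HttpStatusCode.NotFound)
        {
            // Quote the requested name so stray whitespace or typos are visible.
            Console.Error.WriteLine(
                $"Requested '{secretName}': {ex.Body?.Error?.Code} {ex.Body?.Error?.Message}");

            // Only names are printed, never secret values.
            foreach (string name in await ListSecretNamesAsync(kvc, vaultBaseUrl))
                Console.Error.WriteLine($"  vault contains: '{name}'");
            throw;
        }
    }

    // Walks every page of the secret listing and returns the names.
    public static async Task<List<string>> ListSecretNamesAsync(
        KeyVaultClient kvc, string vaultBaseUrl)
    {
        var names = new List<string>();
        IPage<SecretItem> page = await kvc.GetSecretsAsync(vaultBaseUrl);
        while (true)
        {
            foreach (SecretItem item in page)
                names.Add(item.Identifier.Name);
            if (string.IsNullOrEmpty(page.NextPageLink)) break;
            page = await kvc.GetSecretsNextAsync(page.NextPageLink);
        }
        return names;
    }
}
```

If the requested name is missing from the printed list, the client is either using a different name than the one stored or pointing at a different vault URL than the one that holds Secret-2.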