Is there any way of retrieving multiple secrets values from azure key vault through HTTP method GET? I’m using link https://{keyvaultname}.vault.azure.net/secrets/{keysecretname}?api-version=7.1
I can only retrieve one value at a time. So is there way of using HTTP method to get all secret value?
Currently, there's no Azure Vault API operation which will let you retrieve all secrets with their respective values from the Azure Vault.
However, you can use postman to orchestrate retrieval of all secrets by utilizing the Collection Runner along with control logic to define which request to run and until when. I took reference from this community post and created a postman collection which will help you retrieve all secrets.
I have tested this myself on a Key Vault in my personal Azure Subscription and it works like a charm. Please make sure to have a blank Postman Environment to run this Collection in the Collection Runner.
Hope this helps. Let me know in case you encounter any issues.
{
"info": {
"_postman_id": "c7298583-a343-47f3-b608-73547da45d5e",
"name": "Azure Vault Secrets",
"schema": "https://schema.getpostman.com/json/collection/v2.1.0/collection.json"
},
"item": [
{
"name": "Retrieve All Secret Keys",
"event": [
{
"listen": "test",
"script": {
"id": "af71963c-adc5-4688-aa55-5fdae1aea154",
"exec": [
"// Function to extract last element i.e. the Secret Key Name from the secrets URL",
"const getLastItem = thePath => thePath.substring(thePath.lastIndexOf('/') + 1);",
"",
"// Parse the response Body",
"var jsonData = pm.response.json();",
"",
"// Map the secrets URL from the element 'id' presnet in response",
"var secretUrllist = _.map(jsonData.value, 'id');",
"",
"// Initialize an empty array to store the secret Key name",
"var secretList = [];",
"",
"// Populate the array and extract the last element from the URL",
"_.forEach(secretUrllist, function(value){",
" secretList.push(getLastItem(value));",
"});",
"",
"// Set the secretList",
"pm.environment.set('secretList',JSON.stringify(secretList));",
"",
"// Set the next index of the array for secretList ",
"pm.environment.set('nextIndex', 0);",
"",
"// Set the active secret Key name to fetch the secret Value for",
"pm.environment.set('activeSecret', secretList[0]);",
""
],
"type": "text/javascript"
}
}
],
"request": {
"auth": {
"type": "noauth"
},
"method": "GET",
"header": [],
"url": {
"raw": "{{vaultBaseUrl}}/secrets?api-version=7.1",
"host": [
"{{vaultBaseUrl}}"
],
"path": [
"secrets"
],
"query": [
{
"key": "api-version",
"value": "7.1"
}
]
}
},
"response": []
},
{
"name": "Retrieve All Secret Values",
"event": [
{
"listen": "test",
"script": {
"id": "7d6e8591-9c9b-4a97-92f3-a24059fa8750",
"exec": [
"let secretList = JSON.parse(pm.environment.get('secretList')),",
" // Increment the next Index",
" nextIndex = parseInt(pm.environment.get('nextIndex')) + 1;",
"",
"",
"// In case secret values have been fetched for all requests then we're done here",
"// time to end the collection run and clean up the environment and activeSecret",
"if (secretList.length === nextIndex) {",
" pm.environment.set('nextIndex', 0);",
" pm.environment.set('activeSecret', secretList[0]);",
"",
" postman.setNextRequest(null);",
"}",
"else {",
" let activeSecret = secretList[nextIndex];",
" pm.environment.set('nextIndex', nextIndex);",
" pm.environment.set('activeSecret', activeSecret);",
"",
" // Now run the Retrieve All Secret Values request again to get the secret value",
" // for the next request",
" postman.setNextRequest(\"Retrieve All Secret Values\");",
"}",
"",
""
],
"type": "text/javascript"
}
}
],
"request": {
"auth": {
"type": "noauth"
},
"method": "GET",
"header": [],
"url": {
"raw": "{{vaultBaseUrl}}/secrets/{{activeSecret}}?api-version=7.1",
"host": [
"{{vaultBaseUrl}}"
],
"path": [
"secrets",
"{{activeSecret}}"
],
"query": [
{
"key": "api-version",
"value": "7.1"
}
]
}
},
"response": []
}
],
"protocolProfileBehavior": {}
}
