How can we improve Microsoft Azure Logic Apps?

Ability to use KeyVault in Logic Apps

It would be great to be able to access KeyVault secrets and keys within a Logic App action. This way it would be easy to provide secured authentication details while calling 3rd party services from a logic app.

443 votes
Vote
Sign in
(thinking…)
Sign in with: oidc
Signed in as (Sign out)
You have left! (?) (thinking…)
Abhishek Kumar Mishra shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

20 comments

Sign in
(thinking…)
Sign in with: oidc
Signed in as (Sign out)
Submitting...
  • Subramani Ananthapadmanabhan commented  ·   ·  Flag as inappropriate

    We are looking at this to keep "secrets" in sync across keyvault. e.g. would be great do be able to do a diff on "secrets" without exposing the value.
    Actually exposing values in clear text is a problem. The password should not be displayed in clear text any where in the logic app output

  • Subramani Ananthapadmanabhan commented  ·   ·  Flag as inappropriate

    Is this the right forum to give feedback on the Key Vault (Preview) connector.

    The biggest issue I see outright is that the connector does not support "Managed Identity" MSI.

    This is a huge deal breaker as Logic App already has support for "Managed Identities"

  • Suleyman commented  ·   ·  Flag as inappropriate

    Connecting with Managed Identity and have the results sanitized are really needed!

  • Anonymous commented  ·   ·  Flag as inappropriate

    Connection as Managed Identity and secrets received as 'secret' strings would great improvements.

  • Boschy commented  ·   ·  Flag as inappropriate

    To make this useful it needs Managed Identity support and you need to be able to use more than 10 Managed Identity logic apps per subscription. This limit of 10 has been a major limitation!

  • Bendiksen, Pål Stian commented  ·   ·  Flag as inappropriate

    I see the Key Vault connector is currently in preview. That is good, and functionality looks great :) For us there are 2 things missing that will prevent us from using it.
    1. Results are in clear text, so everyone with access to run history will be able to find the secrets
    2. Lookup through Managed Identity missing

    Will these things be in place before GA?

  • Laveesh Bansal commented  ·   ·  Flag as inappropriate

    Thank you all for your feedback. We are working on a key vault connector and will be releasing it later this week.

    Thanks
    Laveesh Bansal
    Azure Logic Apps team

  • DanM commented  ·   ·  Flag as inappropriate

    I see the logic app can now have a managed service identity...so when is the ability to use it with a KeyVault coming?

  • Prashanth Palabatla commented  ·   ·  Flag as inappropriate

    Is Key Vault integrated with Logic App ?

    I have the same requirement(reading the secrets and using them part of the action)

  • Stacy May commented  ·   ·  Flag as inappropriate

    This has been planned for almost 18 months. Is there an update when this will be available?

  • Jon Webster commented  ·   ·  Flag as inappropriate

    I found this custom connector, but implementing using a custom connector is not trivial. We want to integrate with multiple external API's and storing credentials in clear text within a logic app is not ideal.

  • Waheed commented  ·   ·  Flag as inappropriate

    It would be great to provide capability to encrypt/decrypt message on the azure service bus using the certificates stored in Key Vault.

  • Tom Kerkhove commented  ·   ·  Flag as inappropriate

    Provide integration with Azure Key Vault for retrieving secrets to authenticate with APIs, custom API Apps, etc. without the actual secret being tracked and displayed in the details of the run

Feedback and Knowledge Base