Azure Key Vault

We are listening! Please take a few moments to submit your ideas or up-vote already submitted ideas by others. Azure Key Vault team regularly monitors and reviews all feedback submitted on this forum. You will be one of the first to know when a requested feature will be worked on! So be sure to vote or submit your ideas! Remember this site is for feature suggestions and ideas. For technical questions please try documentation, MSDN Forum or StackOverFlow

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Notify Users when secrets/keys are expiring

    Currently certificates management supports email notification when certificates are expiring. Wouldn't it be great to have the same functionality for keys and secrets?

    146 votes
    Sign in
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    28 comments  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  2. Semicolon bug in Microsoft.Azure.Services.AppAuthentication


    I have found a bug in Microsoft.Azure.Services.AppAuthentication package.

    When a {ClientSecret} is generated with a semicolon eg. )}/}I;:}=&GG8U{Zt;4+[Jd{
    you can reproduce the bug.

    I wanted to use AzureServiceTokenProvider to obtain token for keyvault as mentioned in article --

    Running the application using a Service Principal

    To sign in using an Azure AD shared secret credential:


    When the {ClientSecret} is generated without any semicolon, this approach works well.

    Request you to please fix the issue.

    Sekhar Shrivastava

    1 vote
    Sign in
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →

    This is fixed in the preview in the following preview…please try it out and let us know if you have any feedback
    Release Notes
    Documentation can be found at

    Improvements for local development token request times
    Support for CancellationTokens
    Support for specifying user-assigned identity in SQL connection string with SqlAppAuthenticationProvider
    Adding retry logic for MsiAccessTokenProvider
    Removing TenantId as required connection string parameter when using KeyVaultCertificateSecretIdentifier parameter
    Adding quote escaping for connection string parameter values
    Other minor fixes and test updates

  • Don't see your idea?

Feedback and Knowledge Base