Do you have an idea or a suggestion for Azure Key Vault based on your experience?

Secret Names do not support special characters

In order for our organization to fully adopt Azure Key Vault for managing passwords and secrets we need to be able to support at a minimum allowing _ (underscrores) and other special characters in the naming convention as we have hundreds of names that contain underscores in them such as account_test, account_prd, etc..

Reading through the documentation online I can't find any technical reason as to why special characters aren't supported but this is a show stopper at this point for us until this is added/supported.

66 votes
Sign in
(thinking…)
Sign in with: Microsoft
Signed in as (Sign out)

We’ll send you updates on this idea

millern4 shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

12 comments

Sign in
(thinking…)
Sign in with: Microsoft
Signed in as (Sign out)
Submitting...
  • Clément Fleury commented  ·   ·  Flag as inappropriate

    This is a major limitation that needs to be fixed !

    I don't even understand why this limitation exist and is not documented !

  • Anson Goldade commented  ·   ·  Flag as inappropriate

    We're attempting to make our application agnostic of whether configuration information injected at runtime is coming from environment variables or Key Vault. This allows us to be resilient to changes in the decision about where that information is best stored and managed. Environment variables don't allow separating words with a `-` and Key Vault doesn't allow separating words with a `_`. Therefore our goal of being agnostic can't be achieved unless we get rid of word separators and make the names hard to decipher. Not sure what the value of the constraint was, but I can tell you that the consequences of the constraint are frustration.

  • Sage McEnery commented  ·   ·  Flag as inappropriate

    Agreed. We are trying to standardize our Azure DevOps Release Variables to store all Secrets in KeyVault. The lack of support for Underscores makes this approach impossible for us to fully adhere to since the Variable replacements will not work since most of the variables we need replacements for have underscores in their names.

  • Anonymous commented  ·   ·  Flag as inappropriate

    Microsoft, This is a big problem for us. At a minimum, support the allowed logins for current Microsoft products. " / @ _ "

  • Darren Whanger commented  ·   ·  Flag as inappropriate

    Agree....we have lots of names with underscores and periods and I see no technical reason why this needs to be the case. I would like to see more than alphanumeric and dashes be supported. I understand that this needs to be http accessible, but http supports more than alphanumeric plus dash. Please standardize this via http url encoding guidelines....thanks.

  • Grzegorz Rusin commented  ·   ·  Flag as inappropriate

    adding some other characters like . or : would allow to create namespace like names... which in turn would allow better organization of keys

  • Ojas commented  ·   ·  Flag as inappropriate

    Agree with OP, a lot of configuration names have periods and underscores. This drawback of keyvault is unnecessarily complicating our implementation!

Feedback and Knowledge Base