Azure Key Vault libraries for Java

Overview

Safeguard and manage cryptographic keys and secrets used by cloud applications and services with Azure Key Vault.

To get started with Azure Key Vault, see Get started with Azure Key Vault.

Client libraries

Create, update, and delete keys and secrets in Azure Key Vault with the client libraries. We offer separate Client libraries to manage Secrets and Keys in your Key Vault. Azure Key Vault Secrets client library allows you to securely store and tightly control the access to tokens, passwords, API keys, and other secrets. Azure Key Vault Keys client supports RSA keys and elliptic curve keys, each with corresponding support in hardware security modules (HSM). Multiple keys, and multiple versions of the same key, can be kept in the Key Vault. Cryptographic keys in Key Vault are represented as JSON Web Key [JWK] objects.

Add a dependency to your Maven pom.xml file to use the client library in your project.

<dependency>
    <groupId>com.azure</groupId>
    <artifactId>azure-security-keyvault-secrets</artifactId>
    <version>4.0.0</version>
</dependency>

<dependency>
    <groupId>com.azure</groupId>
    <artifactId>azure-security-keyvault-keys</artifactId>
    <version>4.0.0</version>
</dependency>

Example

Retrieve a JSON web key and a secret from a Key Vault.


KeyClient keyClient = new KeyClientBuilder()
        .vaultUrl(<your-vault-url>)
        .credential(<your-credentials>)
        .buildClient();
KeyVaultKey key = keyClient.getKey("key_name");

SecretClient secretClient = new SecretClientBuilder()
		 .vaultUrl(<your-vault-url>)
		 .credential(new DefaultAzureCredentialBuilder().build())
		 .buildClient();
KeyVaultSecret secret = secretClient.getSecret("secret_name");

Service Package README Samples API Reference Changelog
Key Vault - Keys azure-security-keyvault-keys - 4.0.0 README Samples Api Reference ChangeLog
Key Vault - Secrets azure-security-keyvault-secrets - 4.0.0 README Samples Api Reference ChangeLog

Management API

Use the Azure Key Vault management libraries to create key vaults, authorize applications, and manage permissions.

Add a dependency to your Maven pom.xml file to use the management API in your project.

<dependency>
    <groupId>com.microsoft.azure</groupId>
    <artifactId>azure-mgmt-keyvault</artifactId>
    <version>1.15.0</version>
</dependency>

Example

Authorize and application running with service principal clientId to list and retrieve secrets from a key vault.

vault1 = vault1.update()
            .defineAccessPolicy()
                .forServicePrincipal(clientId)
                .allowKeyAllPermissions()
                .allowSecretPermissions(SecretPermissions.GET)
                .allowSecretPermissions(SecretPermissions.LIST)
                .attach()
            .apply();

Samples

Explore more sample Java code for Azure Key Vault you can use in your apps.