List keys and versions in Azure Key Vault with JavaScript
Create the KeyClient with the appropriate programmatic authentication credentials.
List all keys
List current version of all keys with the iterable listPropertiesOfKeys.
import { KeyClient, CreateKeyOptions, KeyVaultKey } from '@azure/keyvault-keys';
import { DefaultAzureCredential } from '@azure/identity';
const credential = new DefaultAzureCredential();
const client = new KeyClient(
`https://${process.env.AZURE_KEYVAULT_NAME}.vault.azure.net`,
credential
);
// Get latest version of (not soft-deleted) keys
for await (const keyProperties of client.listPropertiesOfKeys()) {
console.log(keyProperties.version);
}
The returned KeyProperties object includes the key version.
List all keys by page
To list all keys in Azure Key Vault, use the listPropertiesOfKeys method to get secret properties a page at a time by setting the PageSettings object.
import { KeyClient } from '@azure/keyvault-keys';
import { DefaultAzureCredential } from '@azure/identity';
const credential = new DefaultAzureCredential();
const client = new KeyClient(
`https://${process.env.AZURE_KEYVAULT_NAME}.vault.azure.net`,
credential
);
let page = 1;
const maxPageSize = 5;
// Get latest version of not-deleted keys
for await (const keyProperties of client.listPropertiesOfKeys().byPage({maxPageSize})) {
console.log(`Page ${page++} ---------------------`)
for (const props of keyProperties) {
console.log(`${props.name}`);
}
}
The returned KeyProperties object includes the key version.
List all versions of a key
To list all versions of a key in Azure Key Vault, use the listPropertiesOfKeyVersions method.
import { KeyClient } from '@azure/keyvault-keys';
import { DefaultAzureCredential } from '@azure/identity';
const credential = new DefaultAzureCredential();
const client = new KeyClient(
`https://${process.env.AZURE_KEYVAULT_NAME}.vault.azure.net`,
credential
);
// Get all versions of key
for await (const versionProperties of client.listPropertiesOfKeyVersions(
keyName
)) {
console.log(`\tversion: ${versionProperties.version} created on ${versionProperties.createdOn}`);
}
The returned KeyProperties object includes the key version.
Refer to the List all keys by page example to see how to page through the results.
List deleted keys
To list all deleted keys in Azure Key Vault, use the listDeletedKeys method.
import { KeyClient } from '@azure/keyvault-keys';
import { DefaultAzureCredential } from '@azure/identity';
const credential = new DefaultAzureCredential();
const client = new KeyClient(
`https://${process.env.AZURE_KEYVAULT_NAME}.vault.azure.net`,
credential
);
for await (const deletedKey of client.listDeletedKeys()) {
console.log(
`Deleted: ${deletedKey.name} deleted on ${deletedKey.properties.deletedOn}, to be purged on ${deletedKey.properties.scheduledPurgeDate}`
);
}
The deletedKey object is a DeletedKey object which includes the KeyProperties object with additional properties such as:
deletedOn- The time when the key was deleted.scheduledPurgeDate- The date when the key is scheduled to be purged. After a key is purged, it cannot be recovered. If you backed up the key, you can restore it with the same name and all its versions.
Refer to the List all keys by page example to see how to page through the results.
Next steps
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for