Azure Key Vault Secrets client library samples for TypeScript

These sample programs show how to use the TypeScript client libraries for Azure Key Vault Secrets in some common scenarios.

File Name Description
backupAndRestore.ts creates a secret, then makes a backup from it, then deletes it and purges it, and finally restores it
deleteAndRecover.ts creates a secret, then deletes it, then recovers it (soft-delete is required for this sample to run, see:
helloWorld.ts creates, reads, updates, and deletes a secret
listOperations.ts creates a secret and shows various ways to iterate over the secret and its versions
purgeAllSecrets.ts purges all the secrets of a Key Vault (useful for repeated tests)


The samples are compatible with Node.js >= 8.0.0.

Before running the samples in Node, they must be compiled to JavaScript using the TypeScript compiler. For more information on TypeScript, see the TypeScript documentation. Install the TypeScript compiler using

npm install -g typescript

You need an Azure subscription and an Azure Key Vault to run these sample programs. To quickly create the needed Key Vault resources in Azure and to receive a connection string for them, you can deploy our sample template by clicking:

If creating the Key Vault manually using the Azure Portal, be aware that the samples require that the soft-delete feature be enabled. Our template above will enable this feature automatically, but it is possible to enable it manually using the Azure CLI. See this page for more information.

Samples retrieve credentials to access the Key Vault from environment variables. Alternatively, edit the source code to include the appropriate credentials. See each individual sample for details on which environment variables/credentials it requires to function.

Adapting the samples to run in the browser may require some additional consideration. For details, please see the package README.


To run the samples using the published version of the package:

  1. Install the dependencies using npm:
npm install
  1. Compile the samples
npm run build
  1. Edit the file sample.env, adding the correct credentials to access the Azure service and run the samples. Then rename the file from sample.env to just .env. The sample programs will read this file automatically.

  2. Run whichever samples you like (note that some samples may require additional setup, see the table above):

node dist/helloWorld.js

Alternatively, run a single sample with the correct environment variables set (step 3 is not required if you do this), for example (cross-platform):

npx cross-env KEYVAULT_URI="<key vault uri>" AZURE_TENANT_ID="<AAD tenant id>" AZURE_CLIENT_ID="<AAD client id>" AZURE_CLIENT_SECRET="<AAD client secret>" node dist/helloWorld.js

Next Steps

Take a look at our API Documentation for more information about the APIs that are available in the clients.