Setting up the Vault

Owned by Phillip Hanegan
Last updated: Jul 31, 2024
2 min read

To securely store and manage secrets, such as connection strings and API keys, the EmpowerID bot utilizes Azure Key Vault. Follow these steps to set up the Key Vault, configure access, enable system-managed identity, and set permissions:

Procedure

  1. Navigate to the Azure portal.

  2. Please create a new Azure Key Vault in Azure if one already does not exist.

  3. On the Overview blade for the Key Vault, copy the Vault URI.

     

  4. Set the KeyVaultUrl to the Azure Vault URL in the App Service application settings of the Web App created in Step #1 of Set up App Service

     

     

  5. Enable System-managed Identity on the App Service. Navigate to the web app created in step #1, Select Identity, and switch Status to On within the System assigned tab. Click Save.

     

     

  6. Add an Access Policy to give the System-managed Identity permission to access the vault.

     

  7. Choose Get, List, Set, Delete & Recover rights for the secret permissions for the access policy. And Choose Get, List for certificate permission. Click on save to store the permissions.




    Please select the app service you have created in step #1 Set up App Service as the Principal input.

In the next step, we will create Azure Cache for Redis

Setting up the Microsoft App ID

All steps in Deployment & Configuration of EID Bot