Explore

Store Secret Data in .NET Core Web App with Azure Key Vault

1 hour on-demand video

$ 12.99

Save Course

Go to Course

Brief Introduction

Store secret/sensitive data with Azure Key Vault, Azure App Settings and .NET Core User Secrets in Visual Studio 2015/17

Description

This is an exciting course that will teach you how to secure sensitive data, such as passwords and connection strings in a ASP.NET Core 1.1 Web API.

These are skills that you must master as a serious developer.

*** NEW CONTENT: The same course for ASP.NET Core 1.1 in Visual Studio 2017 has been added ***

In this course you will:

Register for an Azure subscription
Implement a .NET Core 1.1 Web API
Store sensitive data with User Secret Manager (secrets.json), which stays on the developer machine and won't be propagated to a source code repository like GitHub or TFS when the code is checked in.
Implement an Interface called ISecrets, which will be injected into the controller's constructor via Dependecy Injection. The values from the secrets.json file or the Azure App Settings can then be used from the controller.
Add an Azure Key Vault, where secret values are stored, protected by Azure Active Directory security.
Add an Azure Active Directory App Registration to secure the Key Vault. The Application Id and the App Registration secret key is used to access the Key Vault
Read values from the Key Vault using the Application Id, secret key and the Key Vault's value endpoints
Call the Web API in Azure using the Chrome application Postman and make sure that the secret Key Vault values are returned. Note that the secret values normally wouldn't be returned through the API, we do it here for educational purposes only.