Loading source
Pulling the file list, source metadata, and syntax-aware rendering for this listing.
Source from repo
Register Microsoft Entra ID apps and configure OAuth 2.0 authentication with MSAL integration.
Files
Skill
Size
Entrypoint
Format
Open file
Syntax-highlighted preview of this file as included in the skill package.
references/sdk/azure-keyvault-py.md
1# Key Vault — Python SDK Quick Reference2> Condensed from **azure-keyvault-py**. Full patterns (async clients,4> cryptographic operations, certificate management, error handling)5> in the **azure-keyvault-py** plugin skill if installed.6## Install8pip install azure-keyvault-secrets azure-keyvault-keys azure-keyvault-certificates azure-identity9## Quick Start11```python12from azure.identity import DefaultAzureCredential13from azure.keyvault.secrets import SecretClient14client = SecretClient(vault_url="https://<vault>.vault.azure.net/", credential=DefaultAzureCredential())15```16## Best Practices18- Use DefaultAzureCredential for **local development only**. In production, use ManagedIdentityCredential — see [auth-best-practices.md](../auth-best-practices.md)19- Use managed identity in Azure-hosted applications20- Enable soft-delete for recovery (enabled by default)21- Use RBAC over access policies for fine-grained control22- Rotate secrets regularly using versioning23- Use Key Vault references in App Service/Functions config24- Cache secrets appropriately to reduce API calls25- Use async clients for high-throughput scenarios26