Azure KeyVault and Authentication on client side

0 votes

I'd like to know more about the following situation:

A web application is launched by a client in the browser. Secrets are retrieved using Javascript from an Azure Key Vault in the web application. The connection to another Azure service is then made using these secrets in order to retrieve data.


The only thing that Azure Key Vault safeguards is the transmission of secrets. After retrieval, could the client view or plainly reverse engineer the secrets on the web browser?

=> Is this accurate and still secure?

The client can log in to the other service using these secrets, according to Question 2.

=> Is it conceivable that just the web app is authorised to utilise the secrets for authentication? The user shouldn't be able to utilise the secrets in another programme even if he knows what they are.

Feb 15, 2023 in Azure by Damonlang
 • 1,230 points 580 views

No answer to this question. Be the first to respond.

Your answer

Your name to display (optional):
Privacy: Your email address will only be used for sending these notifications.

Related Questions In Azure

0 votes
1 answer

Logging and tracing on Azure

For logging and tracing in your multi-tenant ...READ MORE

answered Jun 21, 2023 in Azure by Khan Sarfaraz
• 700 points 586 views
0 votes
1 answer

What is the difference between an Azure tenant and Azure subscription?

The fundamental goal of a subscription is ...READ MORE

answered Mar 4, 2022 in Azure by Edureka
 • 13,620 points 1,892 views
0 votes
1 answer

How to retrieve View definition on Synapse (Azure SQL DW)?

To authenticate with Azure SQL Database or ...READ MORE

answered Mar 4, 2022 in Azure by Edureka
 • 13,620 points 1,726 views
0 votes
1 answer

Differences between Azure App Services and Cloud Services

App Services  Cloud Services Supported Platforms ASP.NET, Node.js, Java, PHP, ...READ MORE

answered Mar 1, 2022 in Azure by Edureka
 • 12,690 points 652 views
0 votes
1 answer

How to run second azure pipeline on the completion of a stage on first pipeline

Navigate to your project by logging into ...READ MORE

answered Mar 2, 2022 in Azure by Edureka
 • 13,620 points 726 views
0 votes
1 answer

Test environment for microsoft graph api and Azure v2.0

Yes, the type of application you register ...READ MORE

answered Mar 2, 2022 in Azure by Edureka
 • 12,690 points 755 views
0 votes
1 answer

How do cloud service providers take care of security, what franework do they use

They use shared security model.This is what ...READ MORE

answered Dec 20, 2018 in Cloud Computing by DragonLord999
 • 8,450 points 850 views
+1 vote
1 answer

Authentication versus Authorization

Authentication is basically used to find are ...READ MORE

answered Jun 25, 2019 in Others by sunshine
 • 1,300 points 836 views
0 votes
0 answers

do you need to login - using `az devops login` - when AZURE_DEVOPS_EXT_PAT is set?

I have PAT set using environment variable ...READ MORE

Apr 14, 2022 in Other DevOps Questions by Kichu
 • 19,040 points 1,131 views
+1 vote
2 answers

Is there any way to import an existing TFVC repo into Azure DevOps project?

If you use YAML files for defining ...READ MORE

answered Oct 18, 2018 in DevOps & Agile by Hannah
 • 18,520 points 2,586 views
webinar REGISTER FOR FREE WEBINAR X
REGISTER NOW
webinar_success Thank you for registering Join Edureka Meetup community for 100+ Free Webinars each month JOIN MEETUP GROUP
"PMP®","PMI®", "PMI-ACP®" and "PMBOK®" are registered marks of the Project Management Institute, Inc. MongoDB®, Mongo and the leaf logo are the registered trademarks of MongoDB, Inc.