---
title: c Azure Key Vault
description: Available connectors
documentId: ipaas-azure-key-vault
locale: en-US
---

The [**Azure Key Vault**](https://camel.apache.org/components/4.10.x/azure-key-vault-component.html) component is used to manage and protect secrets, encryption keys, and certificates securely.

**URI syntax**: `azure-key-vault:vaultName`

### Main fields

*Path parameters*

| **Name** | **Description** | **Default** | **Type** |
|----------|-----------------|-------------|----------|
| `vaultName` (producer) |Vault name to be used.| —  | String |

*Query parameters*

| **Name** | **Description** | **Default** | **Type** |
|----------|-----------------|-------------|----------|
|`operation` (producer) |Operation to be performed. Enum values: `createSecret`, `getSecret`, `updateSecretProperties`, `deleteSecret` and `purgeDeletedSecret` | — | KeyVaultOperation |
|`clientId`(security)| Client Id to be used.| — | String |
|`clientSecret`(security) | Client Secret to be used.|—  | String |
|`tenantId` (security) | Tenant Id to be used. |—  | String |

### Example 

The example flow creates a secret, queries its value, and then deletes it.

<Steps>
<Step>
**Secret Creation**

  - Sets the secret name via header (`CamelAzureKeyVaultSecretName: my-secret-name`).
  - Sets the content via body (`My secret data`).
  - Executes `createSecret` on vault `demo-vault-integrations`.
</Step>
<Step>
**Secret Query**

 - Sets the secret name via header.
 - Executes `getSecret` to retrieve the value.
 - The returned value is available in the message body.
 - Logs the result.
</Step>
 <Step>
 **Secret Deletion**

 - Sets the secret name via header.
 - Executes `deleteSecret` to remove the secret from the vault.
</Step>
</Steps>

```yaml
      - from:
          uri: rest:get:/demo
          steps:
          - log:
              message: Storing secret my-secret-name at vault demo-vault-integrations
          # the secret name is set by a header
          - setHeader:
              name: CamelAzureKeyVaultSecretName
              expression:
                constant: my-secret-name
          # and the content by the body
          - setBody:
              expression:
                constant: My secret data
          - to:
              uri: azure-key-vault:demo-vault-integrations
              parameters:
                operation: createSecret
                clientId: 85b0f7fe-ad0b-465a-b663-c66d5fe78a9a
                clientSecret: 6Ot8Q~s-jXfYtirD31Oeq9yxf
                tenantId: 306a6ae7-d394-4adb-aa76
          - log:
              message: Fetching the stored secret my-secret-name from vault demo-vault-integrations
          # the secret name is set by a header
          - setHeader:
              name: CamelAzureKeyVaultSecretName
              expression:
                constant: my-secret-name
          - to:
              uri: azure-key-vault:demo-vault-integrations
              parameters:
                operation: getSecret
                clientId: 85b0f7fe-ad0b-465a-b663-c66d5fe78a9a
                clientSecret: 6Ot8Q~s-jXfYtirD31Oeq9yxf
                tenantId: 306a6ae7-d394-4adb-aa76
          # the body after the call contains the secret value
          - log:
              message: Result is ${body}
          - log:
              message: Deleting the stored secret my-secret-name from vault demo-vault-integrations
          - setHeader:
              name: CamelAzureKeyVaultSecretName
              expression:
                constant: my-secret-name
          # the secret name is set by a header               
          - to:
              uri: azure-key-vault:demo-vault-integrations
              parameters:
                operation: deleteSecret
                clientId: 85b0f7fe-ad0b-465a-b663-c66d5fe78a9a
                clientSecret: 6Ot8Q~s-jXfYtirD31Oeq9yxfdgjldE8UPRRiahb
                tenantId: 306a6ae7-d394-4adb-aa76-abbbcedb78d0

```

![](https://creative-ball-51b3fc85c0.media.strapiapp.com/component_azure_key_vault_4b003cae2d.gif)

#### Error scenarios

| **Scenario** | **Result** |
|-------------|---------------|
| Using invalid credentials | Runtime error |
| Missing Azure permissions | Runtime error |
| Operation not specified | Runtime error |
| Credentials not specified (client Id, secret or tenantId) | Deploy error |
| Wrong vault name | Runtime error |
| Vault name not specified | Deploy error |