In a previous article:
Adding a secret to an Azure Key Vault
I showed how a secure credential could be saved to an Azure Key Vault and then retrieved either from the browser, or PowerShell. You can however, also retrieve a secret using Power Automate.
You can see I have the same ‘super secret’ password stored in the Azure Key Vault above.
The Azure Key Vault connector in Power Automate is a premium connector which means you’ll either need an advanced Power Platform license or you’ll need to set up a
Power Platform PAYG configuration
which is probably the more cost effective approach.
You’ll firstly need to login to your Power Platform environment and select Connectors from the menu on the left as shown above. In here look for the Azure Key Vault connector. If it is not there select the +New connector from the menu at the top.
Search for key vault in the top right and then select Azure Key Vault as shown above. You will note that this connector is a Premium connector as highlighted earlier.
Enter the vault name and select Create.
You should now see the connector displayed in the list as shown above.
If you select this connector you will see additional information and the connection Status as well. Icons on the menu bar at the top that allow you to maintain this connector if needed.
Create a new flow and add a new step. Search for key vault as shown and select Get Secret as the action below as shown above.
If you pull down the Name of the secret field you should see your secret name previously created in the Azure Key Vault as shown above, which you can select.
Complete your flow. Here I’m just going to output the value of the secret (i.e. the password) to a Microsoft Team channel.
If you now run the flow you see that it succeeds.
You should also see the output of the secret (i.e. here the password) stored in the Azure Key Vault displayed as shown above.
Another advantage of using an Azure Key Vault is that you can use it a variety of tools such as PowerShell and Power Automate as I have shown here. This means that the credentials stay secure and can still be accessed via your automation process.