Microsoft Azure Key Vault is a cloud-hosted service that allows applications to encrypt/decrypt data using (HSM stored) cryptographic keys and store and retrieve secrets.

- Wiki
2 articles, 0 books.

In Azure, the recommended place to store application secrets is Azure Key Vault. ASP.NET Core makes it easy for an application to read secrets from Key Vault, but the application needs to be given valid credentials to do so.

Key Vault allows us to separate the roles of key managers, key consumers, and developers. The separation is important in the production data environment.