Hello, i am trying to scale my processes such that they all retrieve my client secret from my microsoft keyvault but i am not sure how to achieve this. Currently my secret is hard coded into an assign activity.
Does any one have any insight? Thanks!
Hi @justinkxc ,
stop hardcoding the secret and fetch it at runtime from Azure Key Vault. Create an Azure Key Vault, store the client secret there, then use UiPath’s Azure Key Vault activities (or an Orchestrator external credential linked to Key Vault) to retrieve the secret securely. Use managed identity or a service principal for access. This way all bots can scale and read the secret securely without exposing it in workflows.
Hi @justinkxc
Welcome to the Community
Please don’t hardcoded the secret instead of using this approach Move the client secret from the Assign activity into Azure Key Vault, retrieve it dynamically at runtime, and reference it securely in your workflows. This is the industry-recommended and scalable solution.
Hope it’s helps
Thanks & Happy automations
Hi @justinkxc
Store the client secret into Azure Key Vault, retrieve it dynamically at runtime, and reference it securely in your workflows.
001_GetCredentialsAzureKeyVault.xaml (13.1 KB)
This is the recommended enterprise best practice for secure and scalable credential management in UiPath.
instead of activities you can link them use with get credential activity by integrating azure keyvault into your orchestrator. please check the steps for integration below..this way retrieval is easy and storage would be only in azure
cheers
Thanks for the suggestion. I think we already have Azure Key Vault integrated with Orchestrator, and we were hoping to link them with Get Credential activity. However, we are facing some challenges.
The behavior is different between environments:
-
Dev: Key Vault credential shows Username and Password
-
Prod: It shows only External Name
Please refer to the attached screenshot.
Since Studio is connected only to Dev, we can reference only the Dev asset, and this difference makes it hard to implement the changes.
Has anyone encountered a similar situation, and how would you recommend we proceed from here?
Thanks!
Hi @justinkxc
- Use Azure Key Vault with UiPath Integration Service (recommended)
- Create a Key Vault connection and use the Get Secret activity
- Store the secret in a variable and use it at runtime
- Manage access via Azure RBAC
This allows all processes to securely retrieve the client secret from Key Vault.