Custom Activity key vault authentication RRS feed

  • Question

  • Hi Everyone, i was trying to integrate my Data Factory pipelines  to use keyvault .

    Although blob , dataLakestore  and other  PaaS components integrate nicely with key vault using MSI ,but  i am using a custom activity in one of my pipelines and it is not getting authenticated.

    There is no credible information on documentation side , how exactly to achieve that. 

    Has anybody already done this and is there a step by step approach to conquer this.

    Again, most info on web is old and service principal authentication is not in question. I am trying to run local using the Azure.App.Authentication with Conn string as Visual  Studio and that works fine, however when i try to put it on azure  and call  from Data Factory, it fails.

    Any quick help  would be appreciated 




    Thursday, September 12, 2019 4:49 PM

All replies

  • Hi Viswa,

    Consider the connection string is stored as the secret in the AKV,  you need to create another function/class to get the secret. You could download this Azure key vault c# sample to take a look. This thread also gives you some information.

    Hope this helps.

    Friday, September 13, 2019 11:06 AM
  • Hi Chirag,

    I have kept the connection string in Key Vault and  as  informed in my question my local environmet of the console app works fine with Azure.App.Authentication library  while using visual studio connection string. However , as soon as it is deployed onto azure , the MSI is not getting confirmed.

    Key issue is how do you enable MSI to work with azure batch service  as  custom activity will need a batch service under the hood to  execute the  c# code . if possible can you Please address this issue .

    And to be clear, i have almost gone through all MSDN links around this and no Credible info is available.




    Friday, September 13, 2019 2:36 PM