If you have recently watched few Microsoft case studies (yes i am referring to the Stephen Siciliano’s demo of the Coco Cola flow) you will see that Microsoft is recommending to not use any credentials as a manual input to an action neither they advise to save credentials in a variable because this could be a security hazard. Any one who has access to the flow history page will be able to see the credentials and thus your whole data could be compromised.
So whats the solution to it? The best solution is to store your credentials in an Azure Key Vault. What is Azure Key Vault? Azure Key Vault is a tool for securely storing and accessing secrets. A secret is anything that you want to tightly control access to, such as API keys, passwords, or certificates. A vault is a logical group of secrets.
So lets say you are working on a flow where you need to access the password from Azure Key vault.
For the demo purpose, i am going to create a Instant Flow which i will manually trigger.
As soon as you add a Azure Key Vault Action, you will see that it will not take any value rather it will directly try to create a connection.
And after it is done creating, you will see that this connection is no good.
And even if you go to the connections, you will see the error “Parameter Value Missing” infront of your key vault connection and it wouldn’t even let you save the flow. This would probably confuse you because you haven’t dont anything. You simply added an action which created a connection with the same ID you are using to create the flow.
What could be wrong?
So apparently this seems to be a hiccup, as soon as you create an action with Azure Key Vault, it created the connection for you without asking for you to input the Key Vault Name.
So the simply solution to this problem is editing the connection and entering the Key Vault Name.
After entering the Key Vault name it will give you the error of Fix Connection.
Which is quite normal for Us, Simply click the Fix Connection link and go through the Authentication Process once again.
Now go back to your flow and click on the three dots and click on the name of the connection and you will be good to go.
Hope this article helps you and don’t forget to turn on “Secure Inputs” and “Secure Output” settings in the action properties so that no one can see the results in the flow run page.
Comments