Feb 12, 2020
0
0
Unseen secrets – using KeyVault to protect OAuth2 token requests

This sample implements an Azure Function App, which uses Azure KeyVault to sign OAuth2 client assertions used to obtain JWT tokens from Azure AD. The private key used to sign the client assertion and thus authenticate the function to Azure AD is generated in the KeyVault and never leaves that service (it is not exportable).