web
You’re offline. This is a read only version of the page.
close
Skip to main content

Notifications

Announcements

Welcome to the Power Platform Communities
Season of Giving Solutions is Here!
Explore Copilot Studio Forums, Blogs & Galleries!
News and Announcements icon
Community site session details

Community site session details

Session Id :
Power Platform Community / Forums / Power Automate / Key Vault Connector vs...
Power Automate
Answered

Key Vault Connector vs Environment Variables for Azure Key Vault Secrets

(0) ShareShare
ReportReport
Posted on by CU01081947-0 716
Hello Power Automate Community,
 
I hope you can help.
 
Does anyone know what extra or what the reason is for using the functionality of "use environment variables for Azure Key Vault secrets" vs just using the "Azure Key Vault" connector.
 
Any insight would be greatly appreciated.
 
Thanks very much,
 
Garry
Categories:
Building flows
I have the same question (0)
  • Verified answer
    Pstork1 Profile Picture
    Pstork1 68,717 Most Valuable Professional on at
    If you use just the connector then the credentials or auth keys are available in the code. If you use the secrets environment variable then the value used for authorization keys are encrypted in the environment variable. The connector can then retrieve them at runtime but no one else can.

    ----------------------------------------------------------------------------------
    If this Post helped you, please click "Does this answer your question" and give it a like to help others in the community find the answer too!

    Paul Papanek Stork, MVP
    Blog: https://www.dontpapanic.com/blog
     
  • CU01081947-0 Profile Picture
    CU01081947-0 716 on at
    Hello @Pstork1,
     
    Thanks so much for your quick response. That's good to know. I'll go with the environment variable approach then. 
     
    Much appreciated,
     
    Garry
  • CU01081947-0 Profile Picture
    CU01081947-0 716 on at
    Hello @Pstork1,

    Sorry, do you mind me asking a follow up question, please?

    I think I misunderstood the response, sorry. 

    I've created the environment variable and can retrieve the secret using the Dataverse connector "Perform an unbound action" as per this document, but I still need to secure the outputs of that action, without it I can see the secret value in the Flow. This was exactly the same for when I used the "Azure Key Vault" connector directly. 
     
    So may I ask, where is the benefit to using the environment variable in regards to improving security? 
     
    Any ideas would be greatly appreciated. Again, thanks for all your help.
     
    Garry
  • Pstork1 Profile Picture
    Pstork1 68,717 Most Valuable Professional on at
    Yes, you can see it because you created it. The point is that you control who can see and read that value.  See this sentence in the first paragraph of the document you referenced. "Notice that the secrets aren't available for use in other customizations or generally via the API."  Using just the connector other users can use that connection elsewhere. Using an Environment variable secret they can only use it if they have access to read that key. You control that access by RBAC in Azure Key vault.

    ----------------------------------------------------------------------------------
    If this Post helped you, please click "Does this answer your question" and give it a like to help others in the community find the answer too!

    Paul Papanek Stork, MVP
    Blog: https://www.dontpapanic.com/blog
     

Under review

Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.

Helpful resources

News and Announcements

Welcome to the Power Platform Communities
Season of Giving Solutions is Here!
Explore Copilot Studio Forums, Blogs & Galleries!

Quick Links

Forum hierarchy changes are complete!

In our never-ending quest to improve we are simplifying the forum hierarchy…

Ajay Kumar Gannamaneni – Community Spotlight

We are honored to recognize Ajay Kumar Gannamaneni as our Community Spotlight for December…

Congratulations to the November Top 10 Community Leaders!

These are the community rock stars!

Leaderboard > Power Automate

#1
Michael E. Gernaey Profile Picture

Michael E. Gernaey 501 Super User 2025 Season 2

#2
Tomac Profile Picture

Tomac 323 Moderator

#3
abm abm Profile Picture

abm abm 237 Most Valuable Professional

Last 30 days Overall leaderboard

Featured topics

Share your ideas and struggles with building Power Automate flows!
Survey: Power Automate mobile app
How to Ask for Help with Your Power Automate Workflow
Flows are not visible for users who sign in with their personal accounts
Start and wait for an approval action
Restore a deleted flow
List of actions cheat sheet for Power Automate Desktop
Question for everyone : How are you using Create Text GPT in AI Builder?
Welcome to the Power Automate forum!

Product updates

Microsoft Power Platform Community release plans