web
You’re offline. This is a read only version of the page.
close
Skip to main content

Announcements

Welcome to the Power Platform Communities
News and Announcements icon
Community site session details

Community site session details

Session Id :
Power Platform Community / Forums / Power Automate / Key Vault Connector vs...
Power Automate
Answered

Key Vault Connector vs Environment Variables for Azure Key Vault Secrets

(0) ShareShare
ReportReport
Posted on by CU01081947-0 716
Hello Power Automate Community,
 
I hope you can help.
 
Does anyone know what extra or what the reason is for using the functionality of "use environment variables for Azure Key Vault secrets" vs just using the "Azure Key Vault" connector.
 
Any insight would be greatly appreciated.
 
Thanks very much,
 
Garry
Categories:
Building flows
I have the same question (0)
  • Verified answer
    Pstork1 Profile Picture
    Pstork1 69,022 Most Valuable Professional on at
    If you use just the connector then the credentials or auth keys are available in the code. If you use the secrets environment variable then the value used for authorization keys are encrypted in the environment variable. The connector can then retrieve them at runtime but no one else can.

    ----------------------------------------------------------------------------------
    If this Post helped you, please click "Does this answer your question" and give it a like to help others in the community find the answer too!

    Paul Papanek Stork, MVP
    Blog: https://www.dontpapanic.com/blog
     
  • CU01081947-0 Profile Picture
    CU01081947-0 716 on at
    Hello @Pstork1,
     
    Thanks so much for your quick response. That's good to know. I'll go with the environment variable approach then. 
     
    Much appreciated,
     
    Garry
  • CU01081947-0 Profile Picture
    CU01081947-0 716 on at
    Hello @Pstork1,

    Sorry, do you mind me asking a follow up question, please?

    I think I misunderstood the response, sorry. 

    I've created the environment variable and can retrieve the secret using the Dataverse connector "Perform an unbound action" as per this document, but I still need to secure the outputs of that action, without it I can see the secret value in the Flow. This was exactly the same for when I used the "Azure Key Vault" connector directly. 
     
    So may I ask, where is the benefit to using the environment variable in regards to improving security? 
     
    Any ideas would be greatly appreciated. Again, thanks for all your help.
     
    Garry
  • Pstork1 Profile Picture
    Pstork1 69,022 Most Valuable Professional on at
    Yes, you can see it because you created it. The point is that you control who can see and read that value.  See this sentence in the first paragraph of the document you referenced. "Notice that the secrets aren't available for use in other customizations or generally via the API."  Using just the connector other users can use that connection elsewhere. Using an Environment variable secret they can only use it if they have access to read that key. You control that access by RBAC in Azure Key vault.

    ----------------------------------------------------------------------------------
    If this Post helped you, please click "Does this answer your question" and give it a like to help others in the community find the answer too!

    Paul Papanek Stork, MVP
    Blog: https://www.dontpapanic.com/blog
     

Under review

Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.

Helpful resources

News and Announcements

Welcome to the Power Platform Communities

Quick Links

Introducing the 2026 Season 1 community Super Users

Congratulations to our 2026 Super Users!

Kudos to our 2025 Community Spotlight Honorees

Congratulations to our 2025 community superstars!

Congratulations to the February Top 10 Community Leaders!

These are the community rock stars!

Leaderboard > Power Automate

#1
David_MA Profile Picture

David_MA 103 Super User 2026 Season 1

#2
Haque Profile Picture

Haque 87

#3
trice602 Profile Picture

trice602 63 Super User 2026 Season 1

Last 30 days Overall leaderboard

Featured topics

Share your ideas and struggles with building Power Automate flows!
Survey: Power Automate mobile app
How to Ask for Help with Your Power Automate Workflow
Flows are not visible for users who sign in with their personal accounts
Start and wait for an approval action
Restore a deleted flow
List of actions cheat sheet for Power Automate Desktop
Question for everyone : How are you using Create Text GPT in AI Builder?
Welcome to the Power Automate forum!

Product updates

Microsoft Power Platform Community release plans