Sample code for 30+ languages & platforms
Unicode C

Azure Key Vault - Setup Bootstrap Secret in Local Manager

See more Secrets Examples

Accessing a cloud-based secrets manager requires authentication credentials, which cannot be stored in the manager itself. Instead, they must be securely stored locally.

One solution is to store the authentication credentials as a secret in the Windows Credentials Manager or Apple Keychain. These credentials serve as the "bootstrap secret" for authenticating with the cloud-based secrets manager.

This example demonstrates how to setup a bootstrap secret for the Azure Key Vault.

Note: This example requires Chilkat v10.1.0 or later.

Chilkat Unicode C Downloads

Unicode C
#include <C_CkSecretsW.h>
#include <C_CkJsonObjectW.h>

void ChilkatSample(void)
    {
    BOOL success;
    HCkSecretsW bootstrap;
    HCkJsonObjectW json;
    HCkJsonObjectW jsonSecret;

    success = FALSE;

    // This example requires the Chilkat API to have been previously unlocked.
    // See Global Unlock Sample for sample code.

    bootstrap = CkSecretsW_Create();

    // We're going to store the bootstrap secret in the local manager.
    // On Windows, this is the Windows Credentials Manager
    // On MacOS/iOS, it is the Apple Keychain
    CkSecretsW_putLocation(bootstrap,L"local_manager");

    // Specify the name of the bootstrap secret.
    // service and username are required.
    // appName and domain are optional.
    // Note: The values are arbitrary and can be anything you want.
    json = CkJsonObjectW_Create();
    CkJsonObjectW_UpdateString(json,L"appName",L"azure_bs");
    CkJsonObjectW_UpdateString(json,L"service",L"Example");
    CkJsonObjectW_UpdateString(json,L"username",L"Joe");

    // The bootstrap secret for the Azure Key Vault will contain
    // the tenant_id, client_id, and client_secret, like this:
    jsonSecret = CkJsonObjectW_Create();
    // Modify to your values.
    CkJsonObjectW_UpdateString(jsonSecret,L"tenant_id",L"YOUR_TENANT_ID");
    CkJsonObjectW_UpdateString(jsonSecret,L"client_id",L"YOUR_CLIENT_ID");
    CkJsonObjectW_UpdateString(jsonSecret,L"client_secret",L"YOUR_CLIENT_SECRET");

    // Create or update the bootstrap secret.
    success = CkSecretsW_UpdateSecretJson(bootstrap,json,jsonSecret);
    if (success == FALSE) {
        wprintf(L"%s\n",CkSecretsW_lastErrorText(bootstrap));
        CkSecretsW_Dispose(bootstrap);
        CkJsonObjectW_Dispose(json);
        CkJsonObjectW_Dispose(jsonSecret);
        return;
    }

    wprintf(L"The Azure bootstrap secret has been stored.\n");


    CkSecretsW_Dispose(bootstrap);
    CkJsonObjectW_Dispose(json);
    CkJsonObjectW_Dispose(jsonSecret);

    }