Using Web3Signer with Azure Key Vault
Web3Signer supports using Azure Key Vault to sign payloads in the following ways:
- Using Azure Key Vault to perform the signing operation. Supports SECP256K1 signing keys only.
- Fetching the keys from Azure Key Vault and signing locally.
Web3Signer supports the following authentication modes:
- Azure Active Directory managed identity:
- System-assigned identities
- User-assigned identities
- Client secret.
The Azure Active Directory managed identity authentication modes can only be used when fetching keys from Azure Key Vault and signing locally with Web3Signer.
Storing the private key in Azure Key Vault
- Vault name, which is part of the URL (for example
Client credentials, which can include:
- Client ID
- Client secret
Depending on the authentication mode, not all client credentials will be available.
Key name, which is the name of the secret.