Azure visual studio 2022 connected services 的 key vault 集成

Question

I am trying to store stripe credentials in the Azure Key Vault. I used the connected services tab in my Visual studio application, That seemed to work. However when I run the application locally I get errors in the program file. I am using do.net 6 core razor pages.

These are the errors hope you can help.

DefaultAzureCredential failed to retrieve a token from the included credentials. See the troubleshooting guide for more information. https://aka.ms/azsdk.net/identity/defaultazurecredential/troubleshoot

• EnvironmentCredential authentication unavailable. Environment variables are not fully configured. See the troubleshooting guide for more information. https://aka.ms/azsdk.net/identity/environmentcredential/troubleshoot
• ManagedIdentityCredential authentication unavailable. Multiple attempts failed to obtain a token from the managed identity endpoint.
• Process "C:\Program Files\Microsoft Visual Studio\2022\Community\Common7\IDE\Extensions\lybeojxv.4oe\TokenService\Microsoft.Asal.TokenService.exe" has failed with unexpected error: TS003: Error, TS004: Unable to get access token. 'AADSTS50020: User account '{EmailHidden}' from identity provider 'live.com' does not exist in tenant 'Microsoft Services' and cannot access the application '872cd9fa-d31f-45e0-9eab-6e460a02d1f1'(Visual Studio) in that tenant. The account needs to be added as an external user in the tenant first. Sign out and sign in again with a different Azure Active Directory user account. Trace ID: b90f1908-e45e-4679-aadc-64dbc7452600 Correlation ID: 62078fe0-4072-4e16-8ed7-6b5060844d88 Timestamp: 2022-02-09 07:51:08Z'.
• Stored credentials not found. Need to authenticate user in VSCode Azure Account. See the troubleshooting guide for more information. https://aka.ms/azsdk.net/identity/vscodecredential/troubleshoot
• Please run 'az login' to set up account
• PowerShell is not installed.

This is the Program class...

public class Program
 {
    public static IHostBuilder CreateHostBuilder(string[] args) =>
        Host.CreateDefaultBuilder(args)
            .ConfigureAppConfiguration((context, config) =>
            {
                var keyVaultEndpoint = new 
  Uri(Environment.GetEnvironmentVariable("VaultUri"));
                config.AddAzureKeyVault(keyVaultEndpoint, new DefaultAzureCredential());

            })
            .ConfigureWebHostDefaults(webBuilder =>
            {
                webBuilder.UseStartup<Startup>();
            });

    public static void Main(string[] args)
    {
        var host = CreateHostBuilder(args).Build();
        using (var scope = host.Services.CreateScope())
        {
            var services = scope.ServiceProvider;
            var loggerFactory = services.GetRequiredService<ILoggerFactory>();
            try
            {
                var context = services.GetRequiredService<ApplicationDbContext>();
                var userManager = services.GetRequiredService<UserManager<IdentityUser>>();
                var roleManager = services.GetRequiredService<RoleManager<IdentityRole>>();
            }
            catch (Exception ex)
            {
                var logger = loggerFactory.CreateLogger<Program>();
                logger.LogError(ex, "An error occurred seeding the DB.");
            }
        }
        host.Run();
    }

}

...

Answer 1

Try these

Authenticate you Azure credential in Visual Studio

Tools - Options - Azure Service authentication - Choose an Account or Authenticate with Azure credentials

Ensure you have right access in AZ Keyvault (Get and List)

Az portal - Keyvault - Access policy - Add - Select principal and save it

Validate these settings in launchSettings.json file

Answer 2

You need just to provide your TenantId for using Visual Studio credential:

new DefaultAzureCredential(new DefaultAzureCredentialOptions { VisualStudioTenantId = "your_tenant_guid" })

PS. The TenantId is visible on the Azure Active Directory main page