REST API Update

  • Article

Happy Monday,

Today's post is about some changes to the Key Vault API based on feedback and prototypes, both internal and external. Thank you for your continued support and engagement.

The first change is the addition of pagination for larger vaults. 

The second change lets you define tags on an item so as to permit associating internal data with your keys/secrets. The most common ask here was for a string to represent friendlier display information (than, say, a URL). Closely related to Tags is a ContentType on secrets so that you can facilitate interpretation of your secret(s) when storing them in a variety of formats (and versions). Finally, our 10K limit for secrets was too low for some of you so we've bumped it to 25Kb.

As always, we value your input so please take a moment to follow us , join our advisory board , send us private feedback ,and/or visit our forum

Also, the Key Vault .NET client samples are now repackaged as a Key Vault SDK and are available as a NuGet package as part of the Azure SDK for .NET. Look under the directory src/KeyVault for the Key Vault client SDK and sample code. This code is still marked as preview and so there might be some rough edges. Feel free to try it out and provide us feedback. We'll be updating the NuGet to a final version in the coming weeks.

Cheers,
The KV team

 

Key Vault REST API has been updated to a new api-version. To use the new API version, use ‘api-version=2015-02-01-preview’ in your request URI. The old API version 2014-12-08-preview will continue to be supported until Key Vault reaches General Availability milestone.

Please refer to Azure Key Vault REST API reference for complete details.

Here’s a summary of changes:

Feature

Description

LIST pagination

Keys and Secrets “LIST” command now support pagination. For example,

A GET with https://mykeyvault.vault.azure.net/keys?api-version={api-version}&maxresults={maxresults} lists all keys in a key vault. Query option ‘maxresults={maxresults}’ can be used to restrict number items listed with each request. The response will include a list of objects (keys or secrets) and a ‘nextLink’ value that can be used to retrieve next set of results.

LIST Versions with pagination

New command versions, for both keys and secrets. List all versions of a key or a secret. For example, A GET with https://mykeyvault.vault.azure.net/keys/{keyname}/versions?api-version={api-version}&maxresults={maxresults} to list all versions of {keyname}. These commands also support pagination as described above.

Tags

Keys and secrets now support ‘Tags’, arbitrary strings that can store application-specific metadata

Secret max size

Secrets now support maximum size of 25K bytes.

Secrets ‘Content Type’

A new ‘contentType’ field that can be used for a hint for interpreting secret data.

Comments are disabled, head over to the Azure Key Vault forum to discuss about this blog.