# Set up Azure Key Vault for project-level secrets management

WARNING

Switching to project-specific secrets management causes external secrets references scoped to the workspace level to stop working.

# Prerequisites

To complete the steps in this guide, you must have the following:

REGISTERING AN APPLICATION

To learn how to register an application, see Registering an application with Microsoft Entra ID.

# Select the scope for secrets management

1

Sign in to Workato.

2

Go to Workspace admin > Settings > External secrets manager.

3

Click the Use external secrets manager toggle.

4

Select the Set up secrets management for each project individually option from the Scope drop-down menu.

Set up secrets management for each project individuallySet up secrets management for each project individually

5

Click Save.

6

If you switch secrets management scopes, Workato notifies you that existing external secret references scoped to the project level will no longer function.

To proceed with switching from workspace-level to project-level secrets management, select the checkbox to acknowledge the impact and click Use project-specific secrets.

Use project-specific secrets Use project-specific secrets

# Select the project

1

In Workato, navigate to your projects.

2

Select the project that you plan to configure with secrets management.

3

In the project, go to Workspace admin > Settings > External secrets manager.

4

In the Which secrets manager do you want to use? field, select Azure Key Vault.

Secrets management interface of a project Secrets management interface of a project

5

Click Set up connection.

6

In the Connect to Azure Key Vault modal, select + Create a new connection.

Create a new Azure Key Vault connection Create a new Azure Key Vault connection

# Connect to Azure Key Vault

Configure Azure Key Vault connection Configure Azure Key Vault connection

1
  • Connection name
  • Name your Azure Key Vault connection.
2
  • Vault URL
  • Provide the URL of your key vault. Obtain this value by navigating to Azure portal > Key vaults (opens new window). Select the desired key vault and copy the Vault URI shown in the Overview. In our example, we connect to the vault URL https://example.vault.azure.net/.
3
4
5
6

Click Connect. Workato displays the name of the Azure Key Vault connection:

Connection successful Connection successful

7

Click Save changes.


Last updated: 3/18/2025, 5:45:08 PM