Azure-sdk-for-js: environmentcredential is not supported in the browser while reading key-vault secret
I am trying to access key-vault secrets from Angular 9 app. I created Azure app service with , identity system assigned and created the managed identity. I am getting this error while accessing the secrets "environmentcredential is not supported in the browser". Please help.
duttasantanu
All 7 comments
@duttasantanu Hello, hello!
I'm sorry to say that the Key Vault service doesn't currently support browser authentication.
Besides that, the EnvironmentCredential authentication method is reserved to environments that support environment variables, like operative systems (Linux, OSX, Windows).
Please let me know if I can help with anything else! If not, feel free to close this issue.
sadasant
on 17 Aug 2020
Is any one of the credentials in DefaultAzureCredential supported in browser? If yes and I want to use DAC in browser, maybe it's better to have no-op for unsupported ones.
jeremymeng
on 20 Aug 2020
@jeremymeng
DefaultAzureCredential currently has the following sequence of credentials: EnvironmentCredential, ManagedIdentityCredential, AzureCliCredential and VisualStudioCodeCredential.
None of these work in the browser.
Also, the Key Vault service doesn't support browser authentication yet.
All of these credentials have proper errors when they fail, just like the one the user is describing: "environmentcredential is not supported in the browser".
When they run inside of the DefaultAzureCredential, these errors only bubble up if all of the credentials fail. They do appear in the logs depending on the verbosity of the logs. My main point being that if one of the credentials in the chain inside of DefaultAzureCredential pass, then no errors are reported, it _just works_. Granted, this is not the case for the browser, since none of these credentials are supported in the browser yet.
sadasant
on 20 Aug 2020
@sadasant @jeremymeng Thank you for explaining
duttasantanu
on 21 Aug 2020
@duttasantanu thank you for your time! Please continue submitting issues. We're here to help 馃尰
sadasant
on 21 Aug 2020
So, using an angular application, I cannot access key vault? Are the samples mentioned in https://www.npmjs.com/package/@azure/identity working then?
faraazhabeeb123
on 16 Sep 2020
Hi,
I was following along here:
This uses DefaultAzureCredential as well - if it isnt supported, why does this not say it right at the top in bright red text?
[EDIT] - The docs state "Note: This package cannot be used in the browser due to Azure Key Vault service limitations." - but it isnt in big red letters ;-)
Further to @faraazhabeeb123 asking the question - I have a React TS app and I need to pull values from keyvault. Can someone on the team please provide some pointers and or advice on how to achieve this please?
Many thanks
drfbwilliams
on 8 Apr 2021
Related issues
nguerrera
路
3Comments
SlothFriend
路
3Comments
mitchdenny
路
4Comments
kaerm
路
4Comments
ahmedspiir
路
3Comments
Most helpful comment
@jeremymeng
DefaultAzureCredential currently has the following sequence of credentials: EnvironmentCredential, ManagedIdentityCredential, AzureCliCredential and VisualStudioCodeCredential.
https://github.com/Azure/azure-sdk-for-js/blob/master/sdk/identity/identity/src/credentials/defaultAzureCredential.ts#L43-L52
None of these work in the browser.
Also, the Key Vault service doesn't support browser authentication yet.
All of these credentials have proper errors when they fail, just like the one the user is describing: "environmentcredential is not supported in the browser".
When they run inside of the DefaultAzureCredential, these errors only bubble up if all of the credentials fail. They do appear in the logs depending on the verbosity of the logs. My main point being that if one of the credentials in the chain inside of DefaultAzureCredential pass, then no errors are reported, it _just works_. Granted, this is not the case for the browser, since none of these credentials are supported in the browser yet.