Hush-hush, keep your secrets safe in Microsoft Flow

From time to time we need to use credentials or other sensitive information in Flow. We may need to use them in an HTTP request or any other type of action where we integrate with other systems or applications and need to work with specific credentials and passwords.

Flow configurations are encrypted at rest and in transfer, so they are well protected as is. But I still don’t feel quite comfortable storing a password in plain text in a variable or similar in Flow.

There are several reasons for this. One of them being that I may want to be able to share my Flow with others without sharing a sensitive piece of information. Another reason may be that I need to use that piece of sensitive information in several Flows and I don’t want to have to remember to go in an edit every one of them to update the sensitive piece of information when needed.

Azure Key Vault to the rescue

The Azure Key Vault is a great place to store your secrets and make sure they are kept safe.

Create an Azure Key Vault instance from within the Azure Admin Portal, then add your sensitive information in Azure key vault as Keys or Secrets.

There are several actions in Flow to work with the Azure Key Vault. Simply search for Azure Key Vault to review them.

Use the Get Secret action to pick up any secret piece of information you may have stored in the Azure Key Vault.

Please note that the Azure Key Vault is a premium connector and so you need to make sure you have the necessary licenses to use it.