Azure Key Vault Explorer — a cross platform GUI desktop application for aggregating secrets (and keys and certificates) in Azure Key Vault built with Avalonia
MIT License
Visit the releases section to download the application. Still in active development but in a usable state
Key Vault Explorer is a lightweight tool with the idea to simplify finding and accessing secrets (and certificates and keys) stored in Azure Key Vault, providing a interface for aggregating, filtering, and quickly getting secret values. The app was inspired by the original AzureKeyVaultExplorer with the goal to eventually bring some more feature parity but first brining the application to macOS.
The authentication and credentials storage uses Microsoft.Identity.Client.Extensions.Msal library are encrypted and stored with DPAPI on windows, and the keychain on macOS (you may be prompted multiple times to grant rights). The security is pulled directly from this document: https://github.com/AzureAD/microsoft-authentication-extensions-for-dotnet/wiki/Cross-platform-Token-Cache#configuring-the-token-cache
The SQLite database is encrypted using DPAPI on windows, and on macOS the password in the keychain.
You will need the latest version of the .NET 8 SDK, and Visual Studio 2022 (this can be downloaded from the Microsoft Store).
Clone the project, open the .\AzureKeyVaultExplorer
directory and open the solution file called "kv.sln" or "kv.slnx".
Get it from the Microsoft store!
Please follow this Microsoft learn article if you encounter this error: https://learn.microsoft.com/en-us/answers/questions/1393470/azure-enterprise-apps-missing-a-permission-listed
https://login.microsoftonline.com/{the id of your customer tenant}/adminconsent?client_id={client id}
If downloaded from this section, you will need to follow this guide to run the app: https://github.com/cricketthomas/AzureKeyVaultExplorer/discussions/67#discussioncomment-10014603
Install the latest .NET 8 SDK: https://dotnet.microsoft.com/en-us/download/dotnet
Open PowerShell 7+ (on windows, Linux and mac, or zsh on mac)
cd c:\repos
(choose the folder of your choice)
git clone https://github.com/cricketthomas/AzureKeyVaultExplorer.git
(to clone/download the sources)
cd AzureKeyVaultExplorer
(to get into the freshly cloned repo)
.\build.ps1 -RunBuild -Platform net8.0 -Runtime win-x64
(other platforms include win-arm64, osx-x64, osx-arm64, linux-x64).
To build a self contained .exe
please run .\build.ps1 -Runtime win-x64 -PublishAot:$false
, you can ignore the .pdb
files.
If you get an error message stating "Platform linker not found" when building on Windows, please ensure you have all the required prerequisites documented at https://aka.ms/nativeaot-prerequisites, in particular the Desktop Development for C++ workload in Visual Studio.
Open the Visual Studio Installer, Modify, install Desktop Development for C++
For ARM64 development also install C++ ARM64 build tools.
Repeat step 5. The build starts and might take a couple of minutes. The final output looks something like this: Desktop -> C:\Repos\AzureKeyVaultExplorer\publish\
Open that folder in Windows Explorer and run keyvaultexplorerdesktop.exe
. On macOS, a Key Vault Explorer.app
mac os package will be generated in the publish directory. Move this to "Applications", you will have to force open the app using System Preferences, and click "Open anyway".
It will launch your default browser window and prompt you to login and grant consent.
The app is now verified as I am member of the Microsoft Partner Program.
When you run it for the first time, it creates an enterprise application in your tenant. Please contact your Azure tenant admin to make sure the application has been consented for use. Otherwise you will get an error message, see the "First time installs in Azure Tenant:" section
Alternatively, you create an enterprise application with the following permissions, then you can modify the clientId in the Constants.cs
file to your newly created app that is hosted in your own tenant.
Thank you to reddit user AzureToujours for helping with the readme.
The folder where all app associated data like the database and other encrypted files is /Users/YOUR_USER_NAME/Library/Application Support/KeyVaultExplorer/
on macOS
and C:\Users\YOUR_USER_NAME\AppData\Local\KeyVaultExplorer
on Windows.
If you're facing trouble, I recommend deleting all files in the directory. On macOS, i also recommend opening the key chain and deleting everything that begins with "keyvaultexplorer_".
When downloading on windows, you may have to click properties on the exe/application file and check the "unblock" checkbox to allow running the application on the machine if you get a messages saying the app needs another app from the microsoft store to download.
Accepting PRs, suggestions, code reviews, feature requests and more. This is my first time using AvaloniaUI and building a desktop application so all feedback is welcome.