In the preceding scenarios, such as Bot Framework integration or HealthVault integration, we dealt with keys such as bot secret keys, which we don't recommend embedding or storing within a Holographic UWP application. For any enterprise scenario, these should be kept in secure locations, such as the Azure Key Vault solution for storing keys securely.

In this section, we will look at ways to access Azure Key Vault from the holographic application. If you are not familiar with Azure Key Vault and would like to learn from the start, visit https://docs.microsoft.com/en-us/azure/key-vault/.

Azure Key Vault provides REST APIs to access secret keys and manage the overall Key Vault. For access keys, you must first get yourself authenticated and get an access token. All requests to Azure Key Vault must be authenticated through Azure Active Directory access tokens.

To retrieve the secret key from Azure Key Vault, you just need to make a GET REST API call with the secret name and secret version details:

• Replace {secret-name} with the name
• If you want to retrieve the current secret version, exclude the {secret-version}:

 -- connect to Azure Key Vault --
 GET /secrets/{secret-name}/{secret-version}?api-version=2016-10-01

 -- response from directline.botframework.com -- HTTP/1.1 200 OK
{
  "value": "[secret value]-,
  "id": [secret id],
  "contentType": [content type of the secret],
  "attributes-:
{
       "recoveryLevel-: [Purgeable | Recoverable+Purgeable |  
          Recoverable, Recoverable+ProtectedSubscription],
       ..
},
  "tags-: [],
  ..
}