diff --git a/src/OrchardCore.Build/Dependencies.AspNetCore.props b/src/OrchardCore.Build/Dependencies.AspNetCore.props
index 174a76fe121..209cb14105c 100644
--- a/src/OrchardCore.Build/Dependencies.AspNetCore.props
+++ b/src/OrchardCore.Build/Dependencies.AspNetCore.props
@@ -16,6 +16,7 @@
+
diff --git a/src/OrchardCore.Build/Dependencies.props b/src/OrchardCore.Build/Dependencies.props
index 8c1f9c47ea5..e8b58a4c1f1 100644
--- a/src/OrchardCore.Build/Dependencies.props
+++ b/src/OrchardCore.Build/Dependencies.props
@@ -22,7 +22,6 @@
-
diff --git a/src/OrchardCore/OrchardCore.KeyVault.Azure/Extensions/AzureKeyVaultWebHostBuilderExtension.cs b/src/OrchardCore/OrchardCore.KeyVault.Azure/Extensions/AzureKeyVaultWebHostBuilderExtension.cs
index 895b665e22f..c48318c5588 100644
--- a/src/OrchardCore/OrchardCore.KeyVault.Azure/Extensions/AzureKeyVaultWebHostBuilderExtension.cs
+++ b/src/OrchardCore/OrchardCore.KeyVault.Azure/Extensions/AzureKeyVaultWebHostBuilderExtension.cs
@@ -28,13 +28,11 @@ public static IHostBuilder UseOrchardCoreAzureKeyVault(this IHostBuilder builder
 keyVaultEndpoint,
 clientId,
 clientSecret,
- new CustomKeyVaultSecretManager()
+ new AzureKeyVaultSecretManager()
 );
 });
 return builder;
 }
-
-
 }
 }
diff --git a/src/OrchardCore/OrchardCore.KeyVault.Azure/OrchardCore.KeyVault.Azure.csproj b/src/OrchardCore/OrchardCore.KeyVault.Azure/OrchardCore.KeyVault.Azure.csproj
index 9c80256674b..fc00fb37fbf 100644
--- a/src/OrchardCore/OrchardCore.KeyVault.Azure/OrchardCore.KeyVault.Azure.csproj
+++ b/src/OrchardCore/OrchardCore.KeyVault.Azure/OrchardCore.KeyVault.Azure.csproj
@@ -12,7 +12,6 @@
-
diff --git a/src/OrchardCore/OrchardCore.KeyVault.Azure/Services/AzureKeyVaultSecretManager.cs b/src/OrchardCore/OrchardCore.KeyVault.Azure/Services/AzureKeyVaultSecretManager.cs
new file mode 100644
index 00000000000..ad0ebb04ddf
--- /dev/null
+++ b/src/OrchardCore/OrchardCore.KeyVault.Azure/Services/AzureKeyVaultSecretManager.cs
@@ -0,0 +1,11 @@
+using Microsoft.Azure.KeyVault.Models;
+using Microsoft.Extensions.Configuration.AzureKeyVault;
+
+namespace OrchardCore.Azure.KeyVault.Services
+{
+ public class AzureKeyVaultSecretManager : DefaultKeyVaultSecretManager
+ {
+ public override string GetKey(SecretBundle secret) =>
+ secret.SecretIdentifier.Name.Replace("---", "_").Replace("--", ":");
+ }
+}
diff --git a/src/OrchardCore/OrchardCore.KeyVault.Azure/Services/CustomKeyVaultSecretManager.cs b/src/OrchardCore/OrchardCore.KeyVault.Azure/Services/CustomKeyVaultSecretManager.cs
deleted file mode 100644
index 589c5a499e9..00000000000
--- a/src/OrchardCore/OrchardCore.KeyVault.Azure/Services/CustomKeyVaultSecretManager.cs
+++ /dev/null
@@ -1,23 +0,0 @@
-using Microsoft.Azure.KeyVault.Models;
-using Microsoft.Extensions.Configuration.AzureKeyVault;
-
-namespace OrchardCore.Azure.KeyVault.Services
-{
- ///
- /// A custom override of the DefaultKeyVaultManger class that retrieves secrets from azure keyvault and translates ---
- /// to the OC format using single underscore (illegal character in Azure KeyVault) and -- to : to define a section
- /// Examples:
- /// Key Vault Input: "OrchardCore--OrchardCore---Shells---Database--ConnectionString".
- /// Output: "OrchardCore:OrchardCore_Shells_Database:ConnectionString".
- /// See https://github.com/OrchardCMS/OrchardCore/issues/6359.
- ///
- public class CustomKeyVaultSecretManager : DefaultKeyVaultSecretManager
- {
- public override string GetKey(SecretBundle secret)
- {
- var key = secret.SecretIdentifier.Name.Replace("---", "_").Replace("--", ":");
- return key;
- }
-
- }
-}
diff --git a/src/docs/reference/modules/KeyVault.Azure/README.md b/src/docs/reference/modules/KeyVault.Azure/README.md
new file mode 100644
index 00000000000..82e31787af2
--- /dev/null
+++ b/src/docs/reference/modules/KeyVault.Azure/README.md
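Review bot: The new `AzureKeyVaultSecretManager.GetKey` drops the `<summary>` that the deleted `CustomKeyVaultSecretManager` carried, so the reason for the name mapping and the link to issue 6359 now live only in the README, and the fact that `"---"` must be replaced before `"--"` (replacing `"--"` first would turn `a---b` into `a:-b` rather than `a_b`) is stated nowhere in code. Please restore an XML doc comment on the class, e.g. `/// Maps a Key Vault secret name to a configuration key: "---" becomes "_" and "--" becomes ":" (neither character is allowed in Key Vault secret names). Replace "---" first, since "--" would otherwise match inside it. See https://github.com/OrchardCMS/OrchardCore/issues/6359.` Separately, the README sample in this commit uses `using OrchardCore.KeyVault.Azure;` while this file declares namespace `OrchardCore.Azure.KeyVault.Services`; the extension method's namespace is not visible in this diff, so it is worth confirming the two agree before the docs ship.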
@@ -0,0 +1,37 @@
+# Azure Key Vault (`OrchardCore.Azure.KeyVault`)
+The Azure Key Vault configuration provider adds app configuration values from the Azure Key Vault in order to safeguared your cryptographic keys and secrets used by your app. It also contains custom override of the DefaultKeyVaultManger class that retrieves secrets from Azure Key Vault and translates ---
+to an underscore (_) and -- to a colon (:). Both underscores and colons are illegal characters in Azure KeyVault.
+
+Example:
+Key Vault Input: "OrchardCore--OrchardCore---Shells---Database--ConnectionString".
+Output: "OrchardCore:OrchardCore_Shells_Database:ConnectionString".
+See https://github.com/OrchardCMS/OrchardCore/issues/6359.
+
+
+# Configuration:
+You'll need to specify the name of your Azure Key Vault and [register a service principle](https://docs.microsoft.com/en-us/azure/key-vault/general/group-permissions-for-apps) in Active Directory for accessing your key vault using an access control policy.
+```json
+"OrchardCore_Azure_KeyVault": {
+ "KeyVaultName": "", // Set the name of your Azure Key Vault.
+ "AzureADApplicationId": "", // Set the Azure AD Application Id
+ "AzureADApplicationSecret": "" //Set the Azure AD Application Secret
+}
+```
+You should **never check in your client secret into source control** as this defeats the purpose of using a key vault in the first place. Instead set your client secret as an environmnet variable on your machine, or create a seperate azurekeyvault.json file and add it to your gitignore.
+
+In the `program.cs`, add UseOrchardCoreAzureKeyVault() to the Generic Host in CreateHostBuilder().
+```csharp
+using OrchardCore.KeyVault.Azure;
+public class Program
+{
+ public static Task Main(string[] args)
+ => BuildHost(args).RunAsync();
+
+ public static IHost BuildHost(string[] args) =>
+ Host.CreateDefaultBuilder(args)
+ .UseOrchardCoreAzureKeyVault()
+ .ConfigureWebHostDefaults(webBuilder => webBuilder.UseStartup())
+ .Build();
+}
+```
+