Automating Access Token and Refresh Token Generation Using ADF and Azure Key Vault – Part 2

Posted On September 11, 2024 by Deepak Chauhan Posted in  Tagged in

In continuation to our Part 1, welcome to part 2 of the blog on Automating Access Token and Refresh Token Generation Using ADF and Azure Key Vault. We have already completed the necessary setup in part 1, so if you haven’t read part 1 yet, please do so before proceeding with this part. 

Assumptions- 

Before going further, let’s first discuss the assumptions we made: 

  1. Request failures are due to expired tokens. 
  1. The access token expires after some time; in our case, it was 60 minutes. 
  1. You have a refresh token that does not expire or at least has a longer expiration date than an access token. We will be using a refresh token to generate an access token. If your refresh token also expires, then you may need to automate that process too. 

Now, let’s discuss the step to create a pipeline to refresh the access token: –  

– Create a web activity to pull the client ID, client secret, and refresh token you created in part 1.

– As for settings, you use this setup, and URI is your Azure key vault’s Secret Identifier. 

– Similarly, set up web activities for the client ID, client secret, and refresh token. 

– For the refresh token, I have done setup as shown but you may want to change it according to your API requirements. 

Body-  

grant_type=refresh_token&refresh_token=@{activity(‘Get Refresh Token’).output.value} 

Authorization-  

Basic @{base64(concat(activity(‘Get Client Id’).output.value, ‘:’, activity(‘Get Client Secret’).output.value))} 

– After this, use another web activity to refresh the access token using the refresh token and save it to the Azure Key Vault. 

Body- 

“value”: “@{activity(‘Refresh Access Token’).output.access_token}” 

Conlusion:

This blog provides a comprehensive guide to automating the access token and refresh token generation process using Azure Data Factory and Azure Key Vault. By following the steps outlined, you can ensure seamless token management, reduce manual interventions, and maintain secure access to your resources.

We hope you found this article useful, and if you would like to discuss anything, you can reach out to us at [email protected]


Share Story :

Secured By miniOrange