How to Protect Secrets in .NET Applications

This .NET blog post will show how to protect secrets such as access tokens, passwords, and other sensitive information using the .NET secret manager.

Using the Dotnet built-in Secret Manager and the Dotnet CLI, we can create a local secret vault and store sensitive information. This method is good for local development and when applications run on a single server using server-client architecture.

Enable Secret Manager Vault

To create and initialize a local vault for a project, run the following Dotnet CLI command from the main .NET project directory.

dotnet user-secrets init

If you click on the project file (.csproj), you will see that a new line UserSecretsId was added to the project file. This line links the local secret vault to the project.


Add Secret

To add a secret to the local vault, we use the dotnet user-secrets command.

dotnet user-secrets set "AzureAd:ClientSecret" "[secret value]"

To access a secret in a .NET application, we use the following.

var clientId = config["AzureAd:ClientId"];

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.