Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
The Azure MCP Server allows you to manage Azure Key Vault resources, including keys, secrets, and certificates with natural language prompts. You can manage keys without remembering specialized command syntax.
Azure Key Vault is a cloud service for securely storing and accessing secrets. A secret is anything that you want to tightly control access to, such as API keys, passwords, certificates, or cryptographic keys.
Note
The Azure MCP Server tools define parameters for data they need to complete tasks. Some of these parameters are specific to each tool and are documented below. Other parameters are global and shared by all tools. For more information, see Tool parameters.
Create key
The Azure MCP Server can create a new key in an Azure Key Vault. This allows you to add cryptographic keys for your applications.
Example prompts include:
- Create key: "Create a new RSA key named 'app-encryption-key' in my 'mykeyvault' Key Vault."
- Generate key: "Generate a new EC key called 'signing-key' in Key Vault 'security-kv'"
- Add key: "Add a new 2048-bit RSA key named 'data-key' to my Key Vault"
- Set up key: "Create an encryption key for my application in Key Vault"
- Make new key: "Create a P-256 EC key called 'jwt-signing' in my 'api-vault'"
| Parameter | Required or optional | Description |
|---|---|---|
| Subscription | Required | The Azure subscription ID or name. |
| Vault | Required | The name of the Key Vault. |
| Key | Required | The name of the key to create. |
| Key type | Required | The type of key to create (RSA, EC). |
Get key
The Azure MCP Server can retrieve details of a specific key from an Azure Key Vault. This allows you to view key properties and metadata.
Example prompts include:
- Get key: "Show me details of the 'app-encryption-key' in my 'mykeyvault' Key Vault."
- View key: "Get information about the 'signing-key' in Key Vault 'security-kv'"
- Retrieve key: "Get properties of the 'data-key' in my Key Vault"
- Check key: "Show me the details of the encryption key in my vault"
- Find key: "Get the properties of 'jwt-signing' key in 'api-vault'"
| Parameter | Required or optional | Description |
|---|---|---|
| Subscription | Required | The Azure subscription ID or name. |
| Vault | Required | The name of the Key Vault. |
| Key | Required | The name of the key to retrieve. |
List keys
The Azure MCP Server can list all keys in an Azure Key Vault. This helps you manage your cryptographic keys.
Example prompts include:
- List keys: "Show me all keys in my 'mykeyvault' Key Vault."
- View keys: "What keys do I have in Key Vault 'security-kv'?"
- Find keys: "List keys in my Key Vault 'central-keys'"
- Query keys: "Show all keys in my Key Vault"
- Check keys: "What keys are available in my 'encryption-vault'?"
| Parameter | Required or optional | Description |
|---|---|---|
| Subscription | Required | The Azure subscription ID or name. |
| Vault | Required | The name of the Key Vault. |
| Include managed | Optional | Whether or not to include managed keys in results. |