# Microsoft Azure Key Vault Setup

1. Go to your Azure Homepage ([Home - Microsoft Azure](https://portal.azure.com/#home))
2. In the search field type App Registration, or follow this link <https://portal.azure.com/#view/Microsoft_AAD_RegisteredApps/ApplicationsListBlade>

<figure><img src="https://3006114282-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FXVOaWpJKxLZf1Tee9eCO%2Fuploads%2F8SOKuvbU2JLON3Lbyd31%2Fimage.png?alt=media&#x26;token=154934b5-095f-4654-a33f-f0f17b021650" alt=""><figcaption></figcaption></figure>

3. Add a new App and name it, to be able to identify it in the future e.g. “MGS Azure Key Vault”.

<figure><img src="https://3006114282-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FXVOaWpJKxLZf1Tee9eCO%2Fuploads%2FK9qUr6iKs0b1lShv2YEw%2Fimage.png?alt=media&#x26;token=3ef9972d-a08f-4275-b8d8-2e1857df277f" alt=""><figcaption></figcaption></figure>

4. Save the Application (client) ID and Directory (tenant) ID for future usage.

<figure><img src="https://3006114282-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FXVOaWpJKxLZf1Tee9eCO%2Fuploads%2FA3s6lo4R2memCmjiJ4Nu%2Fimage.png?alt=media&#x26;token=597f44c0-6f95-4788-8a08-fae52cab2cf6" alt=""><figcaption></figcaption></figure>

5. Go to Certificates & secrets -> Client Secrets.

<figure><img src="https://3006114282-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FXVOaWpJKxLZf1Tee9eCO%2Fuploads%2FrjduHXDhOuSxXXNH6oAi%2Fimage.png?alt=media&#x26;token=134b8a82-fcc5-4f57-af90-c21252466691" alt=""><figcaption></figcaption></figure>

6. Click on New client secret, fill in the fields, create, and copy the created secret Value for future usage.

<figure><img src="https://3006114282-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FXVOaWpJKxLZf1Tee9eCO%2Fuploads%2FH2hRZxzvxu41XsI1QHCJ%2Fimage.png?alt=media&#x26;token=ef9fb395-ae78-410a-9930-45fc44a81c1c" alt=""><figcaption></figcaption></figure>

* For the **Name** field, enter a unique identifier for your secret (for example: `hedera-operator-key`).\
  \&#xNAN;*You will use this secret name as the “Operator Key Vault Secret” (Secret Id) when configuring the Guardian application.*
* For the **Value** field, enter your private key in the following JSON format:

  ```json
  { "privateKey": "YOUR_KEY" }
  ```

  Replace `YOUR_KEY` with your actual Hedera private key, copied from HashPack.
* Click **Create** to save the secret.

7. Go back to you Azure home page, click on Create a resource

<figure><img src="https://3006114282-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FXVOaWpJKxLZf1Tee9eCO%2Fuploads%2Fu5u8eazxm7n223PVcLEL%2Fimage.png?alt=media&#x26;token=70a8218d-4a15-42f7-a59b-c3ac3aa501f7" alt=""><figcaption></figcaption></figure>

8. Search for Key Vault and click Create.

<figure><img src="https://3006114282-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FXVOaWpJKxLZf1Tee9eCO%2Fuploads%2FtNjDxh6IKrmtNk2bRpkN%2Fimage.png?alt=media&#x26;token=e24d08d3-914b-4a72-a06a-ee22b818e044" alt=""><figcaption></figcaption></figure>

9. Fill in the required fields and click Review + Create

<figure><img src="https://3006114282-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FXVOaWpJKxLZf1Tee9eCO%2Fuploads%2FnhRzaDoBtyNlzSJH0fZq%2Fimage.png?alt=media&#x26;token=6e45fe07-baa9-4984-a335-2b5cdf3b28fb" alt=""><figcaption></figcaption></figure>

10. From the Azure home page go to your newly created keyvault -> Access Configuration and select Vault access policy. Click Apply to save changes.

<figure><img src="https://3006114282-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FXVOaWpJKxLZf1Tee9eCO%2Fuploads%2FTUAn1hyyYP4Z0MT4GtXG%2Fimage.png?alt=media&#x26;token=d242e840-c77a-4f8f-8992-f4302728badb" alt=""><figcaption></figcaption></figure>

11. Click Go to access policies and then click Create

<figure><img src="https://3006114282-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FXVOaWpJKxLZf1Tee9eCO%2Fuploads%2Fiw6p6e0zM9hqEz3bKDMx%2Fimage.png?alt=media&#x26;token=d24d9538-b5bc-435f-a9e2-a60d223050c7" alt=""><figcaption></figcaption></figure>

12. In the Create an access policy dialog, check marks for secret management as bellow, click next

<figure><img src="https://3006114282-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FXVOaWpJKxLZf1Tee9eCO%2Fuploads%2FZTwKdvFDGAbBUv2qHE1Y%2Fimage.png?alt=media&#x26;token=060825a1-b007-4486-93f0-12e118af198f" alt=""><figcaption></figcaption></figure>

13. In the Principal dialog find and select you App from step 3 (either by name or by client ID), click next.

<figure><img src="https://3006114282-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FXVOaWpJKxLZf1Tee9eCO%2Fuploads%2F9WspemZjCfIPChDJjmkI%2Fimage.png?alt=media&#x26;token=020d5e5f-b99d-498e-8b12-4ff2f1877b9d" alt=""><figcaption></figcaption></figure>

14. On Application (Optional) Dialog click next, And on the Review and Create dialog click Create.

<figure><img src="https://3006114282-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FXVOaWpJKxLZf1Tee9eCO%2Fuploads%2FZ6UsMOWVCEQV7aIRsUMq%2Fimage.png?alt=media&#x26;token=83842763-d3f6-476e-99e9-d9d58d3d3866" alt=""><figcaption></figcaption></figure>


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.guardianservice.io/technical-information/users/mgs-vault/microsoft-azure-key-vault/microsoft-azure-key-vault-setup.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.