Operation failed because client does not have permission to perform the operation on the key vault. Please check your permissions in the key vault access policies




Error/Issue:


While trying to get a secret from Key Vault, the following error was returned:

 "Operation failed because client does not have permission to perform the operation on the key vault. Please check your permissions in the key vault access policies"


But I had created the connection  

client does not have permission






Why it happened

As the error says, the client does not have permission to perform the operation on the key vault, and the place to check is the key vault's access policies. Just creating a connection to Key Vault does not give you permission.

When the connection is created, only authentication happens. To access Key Vault artifacts, authorization is also required.


You authorize by adding the service principal of an identity to an access policy of the Key Vault and selecting which actions it can perform.




What to do


Click on the Access policies section, select Vault access policy as the Permission model, and click Add Access Policy.

Add access policy


I added the Logic App's service principal to the access policy of the Key Vault.

add access policy for logic app



Permissions should be selected according to need. I needed to see the list of secrets and get the value of a secret, so I selected both, as can be seen in the image below.

get and list secret permissions


I saved the policy and the issue was gone.
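
To check the same thing outside the portal, here is an added example (not part of the original post) that inspects a vault's access policies, in the JSON shape returned by `az keyvault show`, for the Get and List secret permissions. The vault JSON, the object IDs and the `check_secret_access` helper are constructed for illustration.

```python
import json

# Constructed sample shaped like `az keyvault show` output; all IDs are placeholders.
SAMPLE_VAULT = json.loads("""
{"name": "example-vault",
 "properties": {
   "enableRbacAuthorization": false,
   "accessPolicies": [
     {"objectId": "00000000-0000-0000-0000-0000000000aa",
      "permissions": {"secrets": ["get", "list"]}},
     {"objectId": "00000000-0000-0000-0000-0000000000bb",
      "permissions": {"secrets": ["list"]}},
     {"objectId": "00000000-0000-0000-0000-0000000000cc",
      "permissions": {"secrets": ["get", "list", "set", "delete"]}}
   ]}}
""")


def check_secret_access(vault, object_id, needed=("get", "list")):
    """Return (missing, extra) secret permissions for one principal.

    missing: needed permissions not granted (the cause of the error above).
    extra:   granted permissions beyond the need (a least-privilege finding).
    """
    props = vault["properties"]
    if props.get("enableRbacAuthorization"):
        # Under the Azure RBAC permission model access policies are not evaluated.
        raise ValueError("vault uses Azure RBAC, not vault access policies")
    granted = set()
    for policy in props.get("accessPolicies") or []:
        if policy["objectId"].lower() == object_id.lower():
            secrets = policy.get("permissions", {}).get("secrets") or []
            granted |= {p.lower() for p in secrets}
    wanted = {p.lower() for p in needed}
    if "all" in granted:
        # "all" covers every secret operation, so nothing is missing but it is broad.
        return [], ["all"]
    return sorted(wanted - granted), sorted(granted - wanted)


if __name__ == "__main__":
    for suffix in ("aa", "bb", "cc", "dd"):
        oid = "00000000-0000-0000-0000-0000000000" + suffix
        missing, extra = check_secret_access(SAMPLE_VAULT, oid)
        print(oid, "missing:", missing, "extra:", extra)
```

A principal with no policy entry at all (the situation described in this post) is reported as missing both permissions.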




