Hero Banner

Secure Application Model

Learn and ask questions on how to implement secure application model

Reply
Level 4 Contributor

Deleting Token from Key Vault Soft delete enabled

While implementing secure app model, we have stored the refresh token in azure key vault as a secret. While reconsent we delete that refresh token and again put the new refresh token.(secret name = azure tenant id and secret value = refresh token)

 

Previously in azure key vault soft delete was not mandatory,so things were working fine. Now in azure key vault soft delete is mandatory so when I delete the old secret and set new secret with same name I am getting exception "Secret already present with deleted state".

 

As a solution now after delete secret I call purge secret to permanently delete it, but there is again a new problem.

 

Before purging we need to wait around 20 seconds so that deletedSecret call works properly else purgeSecret throws exception that "Secret is being deleted". and also to make purge successfull we again need to wait for around 10-15 seconds after purge call.

 

So total aroung 35 seconds we need to wait before I completely remove the old secret and then only I can set new secret.

As per our requirement, we can not wait this much amount of time.

 

Is there a solution for this problem? 

0 REPLIES 0