Skip to main content
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Next up in the FabCon + SQLCon recap series: The roadmap for Microsoft SQL and Maximizing Developer experiences in Fabric. All sessions are available on-demand after the live show. Register now

Reply
davidwag
Frequent Visitor

Protecting Secrets with Fabric Notebooks

‎09-14-2023 08:32 AM

Are there any resources available for best practices when it comes to protecting secrets and other sensitive information related to APIs (or in general) when using the new MS Fabric Notebooks? Traditionally an (dot)env file would be used to protect these sensitive items. I have failed to find any information regarding implementing something similar with Notebooks so any feedback would be helpful.

Labels:
Message 1 of 7
5,691 Views
6 REPLIES 6
yongshao
Helper III
Helper III

‎02-23-2024 05:12 AM

" storing things in keyvault and getting those details in notebook for the use " is desired, but accessing keyvault requires client_id/secret from notebook. The question is how secure client_id/secret inside Fabric notebook? Fabric should support managed entity integration as Synapse has linked service and managed entity

Message 7 of 7
5,232 Views
0
MonikaK23
New Member

‎02-22-2024 09:55 PM

Hi, I am trying to access the keyvault from fabric notebook using below code. My keyvault is configured to Allow public access from specific virtual networks and IP addresses. So its throwing the firewall issue. There is a service principal created for secret. I have tried providing access to service principal in IAM and access policies. But still not working. Please help.

 

from trident_token_library_wrapper \ import PyTridentTokenLibrary as tl

#2 key_vault_name = '<unique-keyvault-name>' key_name = "AHV-name" # key name added to vault

# 3 access_token = mssparkutils.credentials.getToken("keyvault")

# 4 ai_services_key = tl.get_secret_with_token( \ f"https://{key_vault_name}.vault.azure.net/", \ key_name, \ access_token)

Message 6 of 7
5,248 Views
0
yongshao
Helper III
Helper III

‎02-22-2024 02:18 PM

I've similar question - from MS Fabric notebook to access key vault, 

mssparkutils.credentials.getSecret('https://<name>.vault.azure.net/', 'secret name') always throws AKV10032: Invalid issuer

 

using SecretClient and DefaultAzureCredential works fine but it requires client_id/secret in the notebook
 
please help
1) how to make mssparkutils.credentials.getSecret() work?
2) if using SecretClient and DefaultAzureCredential, how to secure client_id/secret in the notebook?
 
 

 

Message 5 of 7
5,259 Views
0
Aaron301
Frequent Visitor

‎11-14-2023 08:25 PM

Did you ever find a good way of doing this?

Message 4 of 7
5,519 Views
puneetvijwani
Resolver IV
Resolver IV

‎09-15-2023 12:58 AM

@davidwag @Scott_Powell  What details needed to be hidden ??
have you tried storing thing sin keyvault and getting those details in notebook for the use 
this is more standard way 

Message 3 of 7
5,650 Views
Scott_Powell
Advocate IV
Advocate IV

‎09-14-2023 03:20 PM

This is a great question I'd like to know the answer to also. Thinking about using a notebook python script to call Power BI dataset refreshes when a specific event occurs, in a specific order. But I'll need to be able to hide the service account details we use when calling the API.

 

Thx,

Scott

Message 2 of 7
5,664 Views

Helpful resources

Announcements
FabCon and SQLCon Highlights Carousel

FabCon &SQLCon Highlights

Experience the highlights from FabCon & SQLCon, available live and on-demand starting April 14th.

New to Fabric survey Carousel

New to Fabric Survey

If you have recently started exploring Fabric, we'd love to hear how it's going. Your feedback can help with product improvements.

Join our Fabric User Panel

Join our Fabric User Panel

Share feedback directly with Fabric product managers, participate in targeted research studies and influence the Fabric roadmap.

March Fabric Update Carousel

Fabric Monthly Update - March 2026

Check out the March 2026 Fabric update to learn about new features.

View All