Class SecretClientBuilder
- All Implemented Interfaces:
com.azure.core.client.traits.ConfigurationTrait<SecretClientBuilder>
,com.azure.core.client.traits.HttpTrait<SecretClientBuilder>
,com.azure.core.client.traits.TokenCredentialTrait<SecretClientBuilder>
secret async client
and secret client
,
by calling buildAsyncClient
and buildClient
respectively.
It constructs an instance of the desired client.
The SecretClient
/SecretAsyncClient
both provide synchronous/asynchronous methods to manage
secrets
in the Azure Key Vault. The client supports creating, retrieving, updating,
deleting, purging, backing up, restoring, and listing the secrets
. The client also support
listing deleted secrets
for a soft-delete enabled
Azure Key Vault.
The minimal configuration options required by secretClientBuilder
to build
SecretAsyncClient
are vaultUrl
and credential
.
SecretAsyncClient secretAsyncClient = new SecretClientBuilder() .credential(new DefaultAzureCredentialBuilder().build()) .vaultUrl("<your-key-vault-url>") .buildAsyncClient();
Samples to construct the sync client
SecretClient secretClient = new SecretClientBuilder() .credential(new DefaultAzureCredentialBuilder().build()) .vaultUrl("<your-key-vault-url>") .buildClient();
The log detail level
, multiple custom policies
and custom
http client
can be optionally configured in the SecretClientBuilder
.
SecretAsyncClient secretAsyncClient = new SecretClientBuilder() .httpLogOptions(new HttpLogOptions().setLogLevel(HttpLogDetailLevel.BODY_AND_HEADERS)) .vaultUrl("<your-key-vault-url>") .credential(new DefaultAzureCredentialBuilder().build()) .httpClient(HttpClient.createDefault()) .buildAsyncClient();
- See Also:
-
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionaddPolicy
(com.azure.core.http.policy.HttpPipelinePolicy policy) Adds apipeline policy
to apply on each request sent.Creates aSecretAsyncClient
based on options set in the builder.Creates aSecretClient
based on options set in the builder.clientOptions
(com.azure.core.util.ClientOptions clientOptions) Allows for setting common properties such as application ID, headers, proxy configuration, etc.configuration
(com.azure.core.util.Configuration configuration) Sets the configuration store that is used during construction of the service client.credential
(com.azure.core.credential.TokenCredential credential) Sets theTokenCredential
used to authorize requests sent to the service.Disables verifying if the authentication challenge resource matches the Key Vault domain.httpClient
(com.azure.core.http.HttpClient client) Sets theHttpClient
to use for sending and receiving requests to and from the service.httpLogOptions
(com.azure.core.http.policy.HttpLogOptions logOptions) Sets thelogging configuration
to use when sending and receiving requests to and from the service.pipeline
(com.azure.core.http.HttpPipeline pipeline) Sets theHttpPipeline
to use for the service client.retryOptions
(com.azure.core.http.policy.RetryOptions retryOptions) Sets theRetryOptions
for all the requests made through the client.retryPolicy
(com.azure.core.http.policy.RetryPolicy retryPolicy) Sets theRetryPolicy
that is used when each request is sent.serviceVersion
(SecretServiceVersion version) Sets theSecretServiceVersion
that is used when making API requests.Sets the vault endpoint URL to send HTTP requests to.
-
Constructor Details
-
SecretClientBuilder
public SecretClientBuilder()The constructor with defaults.
-
-
Method Details
-
buildClient
Creates aSecretClient
based on options set in the builder. Every timebuildClient()
is called, a new instance ofSecretClient
is created.If
pipeline
is set, then thepipeline
andserviceEndpoint
are used to create theclient
. All other builder settings are ignored. Ifpipeline
is not set, thenkey vault credential
, andvaultUrl(String)
key vault url are required to build theclient
.- Returns:
- A
SecretClient
with the options set from the builder. - Throws:
IllegalStateException
- Ifcredential(TokenCredential)
orvaultUrl(String)
have not been set.IllegalStateException
- If bothretryOptions(RetryOptions)
andretryPolicy(RetryPolicy)
have been set.
-
buildAsyncClient
Creates aSecretAsyncClient
based on options set in the builder. Every timebuildAsyncClient()
is called, a new instance ofSecretAsyncClient
is created.If
pipeline
is set, then thepipeline
andserviceEndpoint
are used to create theclient
. All other builder settings are ignored. Ifpipeline
is not set, thenkey vault credential
, andvaultUrl(String)
key vault url are required to build theclient
.- Returns:
- A
SecretAsyncClient
with the options set from the builder. - Throws:
IllegalStateException
- Ifcredential(TokenCredential)
orvaultUrl(String)
have not been set.IllegalStateException
- If bothretryOptions(RetryOptions)
andretryPolicy(RetryPolicy)
have been set.
-
vaultUrl
Sets the vault endpoint URL to send HTTP requests to. You should validate that this URL references a valid Key Vault resource. Refer to the following documentation for details.- Parameters:
vaultUrl
- The vault url is used as destination on Azure to send requests to. If you have a secret identifier, create a newKeyVaultSecretIdentifier
to parse it and obtain thevaultUrl
and other information.- Returns:
- The updated
SecretClientBuilder
object. - Throws:
IllegalArgumentException
- IfvaultUrl
is null or it cannot be parsed into a valid URL.NullPointerException
- IfvaultUrl
isnull
.
-
credential
Sets theTokenCredential
used to authorize requests sent to the service. Refer to the Azure SDK for Java identity and authentication documentation for more details on proper usage of theTokenCredential
type.- Specified by:
credential
in interfacecom.azure.core.client.traits.TokenCredentialTrait<SecretClientBuilder>
- Parameters:
credential
-TokenCredential
used to authorize requests sent to the service.- Returns:
- The updated
SecretClientBuilder
object. - Throws:
NullPointerException
- Ifcredential
isnull
.
-
httpLogOptions
Sets thelogging configuration
to use when sending and receiving requests to and from the service. If alogLevel
is not provided, default value ofHttpLogDetailLevel.NONE
is set.Note: It is important to understand the precedence order of the HttpTrait APIs. In particular, if a
HttpPipeline
is specified, this takes precedence over all other APIs in the trait, and they will be ignored. If noHttpPipeline
is specified, a HTTP pipeline will be constructed internally based on the settings provided to this trait. Additionally, there may be other APIs in types that implement this trait that are also ignored if anHttpPipeline
is specified, so please be sure to refer to the documentation of types that implement this trait to understand the full set of implications.- Specified by:
httpLogOptions
in interfacecom.azure.core.client.traits.HttpTrait<SecretClientBuilder>
- Parameters:
logOptions
- Thelogging configuration
to use when sending and receiving requests to and from the service.- Returns:
- The updated
SecretClientBuilder
object.
-
addPolicy
Adds apipeline policy
to apply on each request sent.Note: It is important to understand the precedence order of the HttpTrait APIs. In particular, if a
HttpPipeline
is specified, this takes precedence over all other APIs in the trait, and they will be ignored. If noHttpPipeline
is specified, a HTTP pipeline will be constructed internally based on the settings provided to this trait. Additionally, there may be other APIs in types that implement this trait that are also ignored if anHttpPipeline
is specified, so please be sure to refer to the documentation of types that implement this trait to understand the full set of implications.- Specified by:
addPolicy
in interfacecom.azure.core.client.traits.HttpTrait<SecretClientBuilder>
- Parameters:
policy
- Apipeline policy
.- Returns:
- The updated
SecretClientBuilder
object. - Throws:
NullPointerException
- Ifpolicy
isnull
.
-
httpClient
Sets theHttpClient
to use for sending and receiving requests to and from the service.Note: It is important to understand the precedence order of the HttpTrait APIs. In particular, if a
HttpPipeline
is specified, this takes precedence over all other APIs in the trait, and they will be ignored. If noHttpPipeline
is specified, a HTTP pipeline will be constructed internally based on the settings provided to this trait. Additionally, there may be other APIs in types that implement this trait that are also ignored if anHttpPipeline
is specified, so please be sure to refer to the documentation of types that implement this trait to understand the full set of implications.- Specified by:
httpClient
in interfacecom.azure.core.client.traits.HttpTrait<SecretClientBuilder>
- Parameters:
client
- TheHttpClient
to use for requests.- Returns:
- The updated
SecretClientBuilder
object.
-
pipeline
Sets theHttpPipeline
to use for the service client.Note: It is important to understand the precedence order of the HttpTrait APIs. In particular, if a
HttpPipeline
is specified, this takes precedence over all other APIs in the trait, and they will be ignored. If noHttpPipeline
is specified, a HTTP pipeline will be constructed internally based on the settings provided to this trait. Additionally, there may be other APIs in types that implement this trait that are also ignored if anHttpPipeline
is specified, so please be sure to refer to the documentation of types that implement this trait to understand the full set of implications.The
vaultUrl
is not ignored whenpipeline
is set.- Specified by:
pipeline
in interfacecom.azure.core.client.traits.HttpTrait<SecretClientBuilder>
- Parameters:
pipeline
-HttpPipeline
to use for sending service requests and receiving responses.- Returns:
- The updated
SecretClientBuilder
object.
-
configuration
Sets the configuration store that is used during construction of the service client. The default configuration store is a clone of theglobal configuration store
, useConfiguration.NONE
to bypass using configuration settings during construction.- Specified by:
configuration
in interfacecom.azure.core.client.traits.ConfigurationTrait<SecretClientBuilder>
- Parameters:
configuration
- The configuration store used to- Returns:
- The updated
SecretClientBuilder
object.
-
serviceVersion
Sets theSecretServiceVersion
that is used when making API requests.If a service version is not provided, the service version that will be used will be the latest known service version based on the version of the client library being used. If no service version is specified, updating to a newer version the client library will have the result of potentially moving to a newer service version.
- Parameters:
version
-SecretServiceVersion
of the service API used when making requests.- Returns:
- The updated
SecretClientBuilder
object.
-
retryPolicy
Sets theRetryPolicy
that is used when each request is sent. Setting this is mutually exclusive with usingretryOptions(RetryOptions)
. The default retry policy will be used in the pipeline, if not provided.- Parameters:
retryPolicy
- user's retry policy applied to each request.- Returns:
- The updated
SecretClientBuilder
object.
-
retryOptions
Sets theRetryOptions
for all the requests made through the client.Note: It is important to understand the precedence order of the HttpTrait APIs. In particular, if a
HttpPipeline
is specified, this takes precedence over all other APIs in the trait, and they will be ignored. If noHttpPipeline
is specified, a HTTP pipeline will be constructed internally based on the settings provided to this trait. Additionally, there may be other APIs in types that implement this trait that are also ignored if anHttpPipeline
is specified, so please be sure to refer to the documentation of types that implement this trait to understand the full set of implications.Setting this is mutually exclusive with using
retryPolicy(RetryPolicy)
.- Specified by:
retryOptions
in interfacecom.azure.core.client.traits.HttpTrait<SecretClientBuilder>
- Parameters:
retryOptions
- TheRetryOptions
to use for all the requests made through the client.- Returns:
- The updated
SecretClientBuilder
object.
-
clientOptions
Allows for setting common properties such as application ID, headers, proxy configuration, etc. Note that it is recommended that this method be called with an instance of theHttpClientOptions
class (a subclass of theClientOptions
base class). The HttpClientOptions subclass provides more configuration options suitable for HTTP clients, which is applicable for any class that implements this HttpTrait interface.Note: It is important to understand the precedence order of the HttpTrait APIs. In particular, if a
HttpPipeline
is specified, this takes precedence over all other APIs in the trait, and they will be ignored. If noHttpPipeline
is specified, a HTTP pipeline will be constructed internally based on the settings provided to this trait. Additionally, there may be other APIs in types that implement this trait that are also ignored if anHttpPipeline
is specified, so please be sure to refer to the documentation of types that implement this trait to understand the full set of implications.- Specified by:
clientOptions
in interfacecom.azure.core.client.traits.HttpTrait<SecretClientBuilder>
- Parameters:
clientOptions
- A configured instance ofHttpClientOptions
.- Returns:
- The updated
SecretClientBuilder
object. - See Also:
-
disableChallengeResourceVerification
Disables verifying if the authentication challenge resource matches the Key Vault domain. This verification is performed by default.- Returns:
- The updated
SecretClientBuilder
object.
-