| author | dlepow |
|---|---|
| ms.service | azure-api-management |
| ms.topic | include |
| ms.date | 01/29/2026 |
| ms.author | danlep |
- In the Azure portal, go to your key vault.
- In the left menu, select Settings > Access configuration. Make a note of the configured Permission model.
- Depending on the permission model, configure either a key vault access policy or Azure RBAC access for an API Management managed identity.
To add a key vault access policy:
- In the left menu, select Access policies.
- On the Access policies page, select + Create.
- On the Permissions tab, under Secret permissions, select Get and List, and then select Next.
- On the Principal tab, search for the resource name of your managed identity, then select Next. If you're using a system-assigned identity, the principal is the name of your API Management instance.
- Select Next again. On the Review + create tab, select Create.