EXTPOSE
Azure Key Vault Password Manager icon

Azure Key Vault Password Manager

Extension Actions

How to install an extension Open in Chrome Web Store
CRX ID
nnnhdkcnolgpccpeeknkghlaokpeceho
Description from extension meta

Password Manager that auto-fills credentials stored in Azure Key Vault. User must provide valid Azure Entra ID credentials.

Image from store
Azure Key Vault Password Manager
Description from store

HOW TO USE FROM CHROME EXTENSION

Password Manager that auto-fills credentials stored in Azure Key Vault. User must provide valid Azure Entra ID credentials.

PREREQUISITES

a) The user must also have access to the provided key vault.

b) The key vault name is configurable through the extension.

c) The user must consent to the application used to access the vault with.

1. CREATE AN AZURE KEY VAULT

Step 1: Sign in to Azure Portal

1. Navigate to Azure Portal (https://portal.azure.com)
2. Sign in with your Azure account

Step 2: Create a Key Vault

1. Click "Create a resource" in the Azure portal
2. Search for "Key Vault" and select it
3. Click "Create"
4. Fill in the required information:
- Subscription: Select your Azure subscription
- Resource Group: Create new or select existing
- Key Vault Name: Choose a unique name (e.g., mypasswords-kv)
- Region: Select your preferred region
- Pricing Tier: Standard (recommended)
5. Click "Review + Create" then "Create"

Step 3: Assign RBAC Role

1. Navigate to your newly created Key Vault
2. Go to "Access control (IAM)" in the left menu
3. Click "+ Add" then select "Add role assignment"
4. Configure the role assignment:
- Role: Search for and select "Key Vault Secrets Officer"
- Assign access to: User, group, or service principal
- Members: Click "+ Select members" and add your user account
5. Click "Review + assign" then "Assign"

Step 4: Add Test Credentials (Optional)

1. Go to "Secrets" in the left menu
2. Click "+ Generate/Import"
3. Create a secret with format: website-com-username
- Name: example-com-john
- Value: mypassword123
- Tags: Add username: john and site: example.com
4. Click "Create"

2. CONFIGURE THE EXTENSION WITH YOUR KEY VAULT

Step 1: Open Extension Popup

1. Click the Azure Key Vault Password Manager extension icon in Chrome
2. The popup will open showing authentication status

Step 2: Enter Key Vault Name

1. In the popup, locate the "Key Vault Name" field
2. Enter your Key Vault name (without the .vault.azure.net suffix)
- Example: If your vault URL is mypasswords-kv.vault.azure.net, enter: mypasswords-kv
3. The extension will automatically save this configuration

Step 3: Authenticate

1. Click the "Login to Azure" button
2. A new tab will open for Azure authentication
3. Sign in with your Azure credentials
4. Grant consent to the application when prompted
5. The authentication tab will close automatically
6. Return to the extension popup to see "Authenticated" status

Step 4: Refresh Secrets

1. Click "Refresh Secrets" to load your credentials
2. The popup will show the number of secrets loaded
3. Enable "Auto-Fill" toggle to activate automatic credential filling

3. OPTIONAL: SPECIFY CUSTOM TENANT AND CLIENT APP ID

For advanced users or enterprise environments, you can override the default authentication settings:

When to Use Custom Settings

- Your organization uses a specific Azure tenant
- You have a custom Azure App Registration for this extension
- You need to authenticate against a different Azure environment

Step 1: Access Authentication Override Options

1. Open the extension popup
2. Ensure you are not authenticated (if authenticated, click "Logout" first)
3. The "Optional Authentication Override" section will be visible

Step 2: Configure Custom Settings

1. Client ID (optional):
- Enter your custom Azure App Registration Client ID
- Format: 12345678-1234-1234-1234-123456789012
- Leave empty to use the extension's default client ID

2. Tenant ID (optional):
- Enter your organization's tenant ID or domain
- Formats accepted:
- Tenant ID: 87654321-4321-4321-4321-210987654321
- Domain: contoso.onmicrosoft.com
- Custom domain: contoso.com
- Leave empty to use the common endpoint

Step 3: Authenticate with Custom Settings

1. After entering your custom values, click "Login to Azure"
2. The extension will use your specified tenant and/or client ID
3. Complete the authentication process as normal
4. Your custom settings will be remembered for future sessions

Step 4: Reset to Default (Optional)

1. To return to default settings, logout from the extension
2. Clear the Client ID and Tenant fields
3. Click "Login to Azure" to use default authentication

USAGE TIPS

Auto-Fill Functionality

- Navigate to any website with login forms
- The extension will automatically detect username/password fields
- Click in the username field to see available credentials
- Credentials are filtered by website domain automatically

Managing Credentials

- Credentials are stored as secrets in your Azure Key Vault
- Each secret should be tagged with username and site tags for proper organization
- The extension can save new credentials when you log into websites

Troubleshooting

- Ensure your Azure account has proper permissions to the Key Vault
- Verify the Key Vault name is entered correctly (without .vault.azure.net)
- Check that Auto-Fill is enabled in the extension popup
- For custom authentication, verify your Client ID and Tenant are correct