Azure AI Foundry Agent Unable to Use Credentials Stored in Key Vault Through Playwright MCP Tool
Hello everyone, I am trying to understand how Azure AI Foundry agents interact with Azure Key Vault when using custom MCP tools, and I would appreciate any guidance from the community. My Setup - Created an Azure AI Foundry agent. - Created an Azure Key Vault and configured all permissions according to Microsoft's official documentation. - Stored the required website credentials (username and password) in the Key Vault. - Deployed the official Playwright MCP Docker image. - Exposed the MCP server using ngrok and verified that the endpoint is accessible. - Connected the MCP endpoint as a Custom MCP Tool in Azure AI Foundry. - Performed all configuration through the Azure portal, Foundry UI, and Playground only (no SDK or custom application code involved). The Issue The agent can access and use the Playwright MCP tool. However, when I ask it to log in to a website using credentials that are already stored in Key Vault, it does not populate the username and password fields. My expectation was that the agent would be able to retrieve the secrets from Key Vault and provide them to the Playwright tool during execution. Questions Is there currently a supported mechanism for Azure AI Foundry agents to automatically retrieve Key Vault secrets and pass them to a Custom MCP tool? Does the Playwright MCP Docker image have any built-in integration with Azure Key Vault? When using only the Foundry UI (without SDK code), can a Foundry agent securely inject Key Vault secrets into MCP tool calls? Are additional configurations required beyond Key Vault permissions and agent connections? Has anyone successfully implemented a similar setup where a Foundry agent uses credentials stored in Key Vault to perform browser automation through Playwright MCP? Any clarification on the expected architecture and whether this scenario is currently supported in Azure AI Foundry would be greatly appreciated. Thank you.
Managing and Rotating Secrets with Azure Key Vault, Managed Services, and some automation – Part 1
Secret rotation is not a new problem. In cloud-based environments many services implement secret-based authentication schemes. For many organizations, these secrets must be rotated on a regular schedule. In addition to the actual problem of rotating the access keys, there exists a problem of how these newly rotated credentials are propagated to all the applications and systems that utilize them. In this multi-part blog series, I will discuss a solution that, through automation, addresses both the scheduled rotation and dependency notification/update requirements.
WebApps calling KeyVault for secrets
Hi, I have a web app that needs to look up key/values in the key vault. I have assigned identity to the web app and set permissions on KeyVault, but do I still need to enable access on the key vault firewall for the outbound IP of the WebApp? Hard to manged if the WebApp is stopped as the IP will change? Is there a better way?
