Go to the Storage Account > Access keys and select the key which you’ll use to authenticate.

Go to the Key Vault and Create a secret. Store the Storage Account’s Access Key as the secret’s value.

To get a sample template of the connector you want, go to a Logic App, and manually create a connection to that connector first.

Note: This example uses Azure Blob Storage connector, with the Authentication type as “Access Key”. You can use a different connector or authentication type.

Fill out these details and reate the connection

Go to the newly created API Connection and select the Export template blade and Download or Copy the template into a text/JSON editor.

In the text editor, remove everything within the resources[] array field. It does not contain the authentication elements we need, which is the Storage Account’s Access Key in this case.

1.      Go to the Edit API connection blade and enter dummy values in or edit any of the fields, so that the Portal will allow you to save it.

2.      Go to the Developer Tools of your browser and start capturing a Network trace.

3.      Click Save and you’ll see an entry with the API connection name.

4.      Go to the Payload tab and scroll down to the Request Payload. Select View Source and copy everything.

Paste the payload directly into the resource[] array in the text editor.

The Azure Resource Manager (ARM) Tools extension is handy if there are fields missing from the template. In this case, the apiVersion property was missing from the payload/template body, because it's usually sent as a query parameter in the API call.

Added the “apiVersion”: “2016-06-01” property to the template body of the API connection resource.

1.      Create a new parameter in the parameters object which is going to store the Storage Account’s Access key.

2.      Replace the hardcoded accessKey value with a reference to that parameter name.

3.      Save this file as a JSON file. Example: Template.json

You can use the Azure Resource Manager (ARM) Tools extension in Visual Studio Code to easily generate the corresponding parameters file, or just create a new file in the same directory as the template file, example: Template.parameters.json

We need this parameters file to reference Key Vault.

Instead of storing a value as plaintext, replace the “value” object with a “reference” object. Here, the parameter references the Key Vault by its Resource ID and the Storage Account’s access key by the Key Vault’s Secret Name.

In the Azure Portal, open the Cloud Shell. Use PowerShell or Azure CLI to deploy the templates.

Upload both Template.json and Template.parameters.json files.

Run the following command to deploy them. Replace the ResouceGroupName, and both file names accordingly.

New-AzResourceGroupDeployment -ResourceGroupName ResourceGroupName -TemplateFile "Template.json" -TemplateParameterFile "Template.parameters.json"

The API connection will be deployed as a new instance or replace the API connection if one already exists with the same name.