Merge pull request #281760 from diberry/diberry/ts-key-vault

Key Vault - TypeScript quickstarts

Author: denrea

articles/key-vault/certificates/quick-create-node.md

@@ -1,19 +1,20 @@
 ---
 title: Quickstart -  Azure Key Vault certificate client library for JavaScript (version 4)
-description: Learn how to create, retrieve, and delete certificates from an Azure key vault using the JavaScript client library
+description: Learn how to create, retrieve, and delete certificates from an Azure key vault using the JavaScript client library with either JavaScript or TypeScript
 author: msmbaldwin
 ms.author: mbaldwin
-ms.date: 02/01/2023
-ms.service: key-vault
+ms.date: 07/30/2024
+ms.service: azure-key-vault
 ms.subservice: certificates
 ms.topic: quickstart
 ms.devlang: javascript
-ms.custom: devx-track-js, mode-api, passwordless-js
+ms.custom: devx-track-js, mode-api, passwordless-js, devx-track-ts
+zone_pivot_groups: programming-languages-set-functions-nodejs
 ---
 
 # Quickstart: Azure Key Vault certificate client library for JavaScript
 
-Get started with the Azure Key Vault certificate client library for JavaScript. [Azure Key Vault](../general/overview.md) is a cloud service that provides a secure store for certificates. You can securely store keys, passwords, certificates, and other secrets. Azure key vaults may be created and managed through the Azure portal. In this quickstart, you learn how to create, retrieve, and delete certificates from an Azure key vault using the JavaScript client library
+Get started with the Azure Key Vault certificate client library for JavaScript. [Azure Key Vault](../general/overview.md) is a cloud service that provides a secure store for certificates. You can securely store keys, passwords, certificates, and other secrets. Azure key vaults may be created and managed through the Azure portal. In this quickstart, you learn how to create, retrieve, and delete certificates from an Azure key vault using the JavaScript client library.
 
 Key Vault client library resources:
 
@@ -23,6 +24,8 @@ For more information about Key Vault and certificates, see:
 - [Key Vault Overview](../general/overview.md)
 - [Certificates Overview](about-certificates.md)
 
+::: zone pivot="programming-language-javascript"
+
 ## Prerequisites
 
 - An Azure subscription - [create one for free](https://azure.microsoft.com/free/?WT.mc_id=A261C142F).
@@ -33,6 +36,19 @@ For more information about Key Vault and certificates, see:
     - [Azure portal](../general/quick-create-portal.md) 
     - [Azure PowerShell](../general/quick-create-powershell.md)
 
+::: zone-end
+
+::: zone pivot="programming-language-typescript"
+- An Azure subscription - [create one for free](https://azure.microsoft.com/free/?WT.mc_id=A261C142F).
+- Current [Node.js LTS](https://nodejs.org).
+- [TypeScript 5+](https://www.typescriptlang.org/download/)
+- [Azure CLI](/cli/azure/install-azure-cli)
+- An existing Key Vault - you can create one using:
+    - [Azure CLI](../general/quick-create-cli.md)
+    - [Azure portal](../general/quick-create-portal.md) 
+    - [Azure PowerShell](../general/quick-create-powershell.md)
+::: zone-end
+
 This quickstart assumes you're running [Azure CLI](/cli/azure/install-azure-cli).
 
 ## Sign in to Azure
@@ -86,25 +102,25 @@ Create a Node.js application that uses your key vault.
 
 ## Set environment variables
 
-This application is using key vault name as an environment variable called `KEY_VAULT_NAME`.
+This application is using key vault endpoint as an environment variable called `KEY_VAULT_URL`.
 
 ### [Windows](#tab/windows)
 
 ```cmd
-set KEY_VAULT_NAME=<your-key-vault-name>
+set KEY_VAULT_URL=<your-key-vault-endpoint>
 ````
 
 ### [PowerShell](#tab/powershell)
 
 Windows PowerShell
 ```powershell
-$Env:KEY_VAULT_NAME="<your-key-vault-name>"
+$Env:KEY_VAULT_URL="<your-key-vault-endpoint>"
 ```
 
 ### [macOS or Linux](#tab/linux)
 
 ```cmd
-export KEY_VAULT_NAME=<your-key-vault-name>
+export KEY_VAULT_URL=<your-key-vault-endpoint>
 ```
 ---
 
@@ -114,7 +130,7 @@ Application requests to most Azure services must be authorized. Using the [Defau
 
 In this quickstart, `DefaultAzureCredential` authenticates to key vault using the credentials of the local development user logged into the Azure CLI. When the application is deployed to Azure, the same `DefaultAzureCredential` code can automatically discover and use a managed identity that is assigned to an App Service, Virtual Machine, or other services. For more information, see [Managed Identity Overview](/azure/active-directory/managed-identities-azure-resources/overview).
 
-In this code, the name of your key vault is used to create the key vault URI, in the format `https://<your-key-vault-name>.vault.azure.net`. For more information about authenticating to key vault, see [Developer's Guide](/azure/key-vault/general/developers-guide#authenticate-to-key-vault-in-code).
+In this code, the endpoint of your key vault is used to create the key vault client. The endpoint format looks like `https://<your-key-vault-name>.vault.azure.net` but may change for sovereign clouds. For more information about authenticating to key vault, see [Developer's Guide](/azure/key-vault/general/developers-guide#authenticate-to-key-vault-in-code).
 
 ## Code example
 
@@ -134,7 +150,9 @@ This code uses the following [Key Vault Certificate classes and methods](/javasc
 
 ### Set up the app framework
 
-1. Create new text file and paste the following code into the **index.js** file. 
+::: zone pivot="programming-language-javascript"
+
+* Create new text file and paste the following code into the **index.js** file. 
 
     ```javascript
     const { CertificateClient, DefaultCertificatePolicy } = require("@azure/keyvault-certificates");
@@ -148,11 +166,10 @@ This code uses the following [Key Vault Certificate classes and methods](/javasc
       // - AZURE_CLIENT_SECRET: The client secret for the registered application
       const credential = new DefaultAzureCredential();
 
-      const keyVaultName = process.env["KEY_VAULT_NAME"];
-      if(!keyVaultName) throw new Error("KEY_VAULT_NAME is empty");
-      const url = "https://" + keyVaultName + ".vault.azure.net";
+      const keyVaultUrl = process.env["KEY_VAULT_URL"];
+      if(!keyVaultUrl) throw new Error("KEY_VAULT_URL is empty");
 
-      const client = new CertificateClient(url, credential);
+      const client = new CertificateClient(keyVaultUrl, credential);
 
       const uniqueString = new Date().getTime();
       const certificateName = `cert${uniqueString}`;
@@ -217,6 +234,60 @@ This code uses the following [Key Vault Certificate classes and methods](/javasc
     node index.js
     ```
 
+
+1. The create and get methods return a full JSON object for the certificate:
+
+    ```JSON
+    {
+      "keyId": undefined,
+      "secretId": undefined,
+      "name": "YOUR-CERTIFICATE-NAME",
+        "reuseKey": false,
+        "keyCurveName": undefined,
+        "exportable": true,
+        "issuerName": 'Self',
+        "certificateType": undefined,
+        "certificateTransparency": undefined
+      },
+      "properties": {
+        "createdOn": 2021-11-29T20:17:45.000Z,
+        "updatedOn": 2021-11-29T20:17:45.000Z,
+        "expiresOn": 2022-11-29T20:17:45.000Z,
+        "id": "https://YOUR-KEY-VAULT-NAME-ENDPOINT/certificates/YOUR-CERTIFICATE-NAME/YOUR-CERTIFICATE-VERSION",
+        "enabled": false,
+        "notBefore": 2021-11-29T20:07:45.000Z,
+        "recoveryLevel": "Recoverable+Purgeable",
+        "name": "YOUR-CERTIFICATE-NAME",
+        "vaultUrl": "https://YOUR-KEY-VAULT-NAME-ENDPOINT",
+        "version": "YOUR-CERTIFICATE-VERSION",
+        "tags": undefined,
+        "x509Thumbprint": undefined,
+        "recoverableDays": 90
+      }
+    }
+    ```
+
+
+::: zone-end
+::: zone pivot="programming-language-typescript"
+* Create new text file and paste the following code into the **index.ts** file. 
+
+    :::code language="typescript" source="~/azure-typescript-e2e-apps/quickstarts/key-vault/src/certificates.ts" :::
+
+## Run the sample application
+
+1. Build the TypeScript app:
+
+    ```terminal
+    tsc
+    ```
+
+1. Run the app:
+
+    ```terminal
+    node index.js
+    ```
+
 1. The create and get methods return a full JSON object for the certificate:
 
     ```JSON
@@ -235,12 +306,12 @@ This code uses the following [Key Vault Certificate classes and methods](/javasc
         "createdOn": 2021-11-29T20:17:45.000Z,
         "updatedOn": 2021-11-29T20:17:45.000Z,
         "expiresOn": 2022-11-29T20:17:45.000Z,
-        "id": "https://YOUR-KEY-VAULT-NAME.vault.azure.net/certificates/YOUR-CERTIFICATE-NAME/YOUR-CERTIFICATE-VERSION",
+        "id": "https://YOUR-KEY-VAULT-NAME-ENDPOINT/certificates/YOUR-CERTIFICATE-NAME/YOUR-CERTIFICATE-VERSION",
         "enabled": false,
         "notBefore": 2021-11-29T20:07:45.000Z,
         "recoveryLevel": "Recoverable+Purgeable",
         "name": "YOUR-CERTIFICATE-NAME",
-        "vaultUrl": "https://YOUR-KEY-VAULT-NAME.vault.azure.net",
+        "vaultUrl": "https://YOUR-KEY-VAULT-NAME-ENDPOINT",
         "version": "YOUR-CERTIFICATE-VERSION",
         "tags": undefined,
         "x509Thumbprint": undefined,
@@ -249,6 +320,8 @@ This code uses the following [Key Vault Certificate classes and methods](/javasc
     }
     ```
 
+::: zone-end
+
 
 ## Integrating with App Configuration
 

articles/key-vault/certificates/toc.yml

@@ -19,15 +19,18 @@ items:
     href: quick-create-portal.md
   - name: .NET
     href: quick-create-net.md
-  - name: Node.js
-    href: quick-create-node.md
-    displayName: az ad sp create-for-rbac, az keyvault set-policy    
+  - name: JavaScript
+    href: quick-create-node.md?tabs=azure-cli%2Cwindows&pivots=programming-language-javascript
+    displayName: az ad sp create-for-rbac, az keyvault set-policy
   - name: Python
     href: quick-create-python.md
   - name: Go
     href: quick-create-go.md
   - name: Java
     href: quick-create-java.md
+  - name: TypeScript
+    href: quick-create-node.md?tabs=azure-cli%2Cwindows&pivots=programming-language-typescript
+    displayName: az ad sp create-for-rbac, az keyvault set-policy
   - name: Spring
     href: /azure/developer/java/spring-framework/configure-spring-boot-starter-java-app-with-azure-key-vault-certificates
 - name: Samples