Description
Library name and version
Azure.Security.KeyVault.Secrets 4.6.0
Describe the bug
I am using certificate authentication to access my key vault and have tested it using the Azure CLI. I am able to fetch secrets without issue.
However, in my .NET app the request fails with the message:
Client address is not authorized and caller is not a trusted service
This seems to be due to the fact that the library is not using the private endpoint associated with the keyvault.
The header from my .NET request:
x-ms-keyvault-network-info: conn_type=Ipv4;addr=removed;act_addr_fam=InterNetwork;
And from the CLI request:
x-ms-keyvault-network-info: conn_type=PrivateLink;private_endpoint=removed;addr=removed;act_addr_fam=InterNetworkV6
I tried to use the URI of the private endpoint, but got the same error.
Expected behavior
Expected the library to use the private endpoint
Actual behavior
Library does not use the private endpoint
Reproduction Steps
Try to fetch secrets from a key vault that is only accessible via private endpoint, using the vault URI.
Environment
Windows 10, .NET Framework v4.8, Visual Studio 2022
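A diagnostic for the header comparison in the report above, as an added example that is not part of the original issue or of the Azure SDK: it parses an x-ms-keyvault-network-info value and reports whether the request reached the vault over PrivateLink. The class and method names are hypothetical, and the two sample values are the ones quoted in the issue, with the reporter's redactions left in place.

```csharp
using System;
using System.Collections.Generic;

// Added example: parser for the x-ms-keyvault-network-info header quoted in the issue.
static class KeyVaultNetworkInfo
{
    // Splits "k=v;k=v;" into a case-insensitive map; tolerates the trailing ';'.
    public static Dictionary<string, string> Parse(string headerValue)
    {
        var fields = new Dictionary<string, string>(StringComparer.OrdinalIgnoreCase);
        if (string.IsNullOrWhiteSpace(headerValue)) return fields;
        foreach (var part in headerValue.Split(new[] { ';' }, StringSplitOptions.RemoveEmptyEntries))
        {
            int eq = part.IndexOf('=');
            if (eq <= 0) continue; // skip fragments that have no key
            fields[part.Substring(0, eq).Trim()] = part.Substring(eq + 1).Trim();
        }
        return fields;
    }

    // True only when the service recorded the connection as PrivateLink.
    public static bool UsedPrivateLink(string headerValue)
    {
        string connType;
        return Parse(headerValue).TryGetValue("conn_type", out connType)
            && string.Equals(connType, "PrivateLink", StringComparison.OrdinalIgnoreCase);
    }
}

static class Program
{
    static void Main()
    {
        // Header values as quoted in the issue ("removed" is the reporter's redaction).
        var samples = new Dictionary<string, string>
        {
            { ".NET app", "conn_type=Ipv4;addr=removed;act_addr_fam=InterNetwork;" },
            { "Azure CLI", "conn_type=PrivateLink;private_endpoint=removed;addr=removed;act_addr_fam=InterNetworkV6" }
        };
        foreach (var s in samples)
        {
            var f = KeyVaultNetworkInfo.Parse(s.Value);
            Console.WriteLine("{0}: conn_type={1}, private link={2}",
                s.Key, f["conn_type"], KeyVaultNetworkInfo.UsedPrivateLink(s.Value));
        }
    }
}
```

Logging this result for every Key Vault response from the affected host shows which processes reach the vault over the private endpoint and which do not.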