Documentation Index

Fetch the complete documentation index at: https://support.fortanix.com/llms.txt

Use this file to discover all available pages before exploring further.

Fortanix DSM with Azure DevOps

  • Updated on Jun 11, 2026
  • Published on May 8, 2026
  • 5 minute(s) read
Prev Next

1.0 Introduction

This article describes how to integrate Fortanix-Data-Security-Manager (DSM) with Azure DevOps to securely access secrets within Azure DevOps pipelines.

Azure DevOps is an end-to-end development platform that helps organize and accelerate software delivery across the application lifecycle. To securely manage secrets in Azure DevOps pipelines, a reliable secret management solution is required.

2.0 Prerequisites

Before proceeding with the integration, ensure the following prerequisites are met:

3.0 Product Tested Version

The following product versions were tested:

  • Fortanix DSM version 5.6.2930 or later.

  • Node.js version 20 or later.

  • Azure Pipelines version 2.2.8

  • TypeScript version 5.9.3

  • @types/node version 25.4.0

  • tfx CLI version 0.23.1

4.0 Architecture Diagram

Figure 1: Architecture diagram

Users initiate Azure DevOps pipelines to execute automated workflows. During pipeline execution, the pipeline retrieves a Fortanix API key from an environment variable, which is stored as a secret to authenticate securely.

Using this API key, the pipeline communicates with Fortanix DSM to fetch the required secret. The retrieved secret is used within the pipeline runtime and can be consumed by Azure applications, ensuring secure access and management of sensitive data throughout the workflow.

5.0 Configure Fortanix DSM

A Fortanix DSM service must be configured, and the URL must be accessible. To create a Fortanix DSM account and group, refer to the following sections:

5.1 Signing Up

To get started with the Fortanix DSM cloud service, you must register an account at <Your_DSM_Service_URL>. For example, https://amer.smartkey.io. On-premises customers use the KMS URL, and the SaaS customers can use the URLs as listed here based on the application region.

For more information on how to set up the Fortanix DSM, refer to Sign Up for Fortanix Data Security Manager SaaS.

5.2 Creating an Account

Access <Your_DSM_Service_URL> in a web browser and enter your credentials to log in to Fortanix DSM.

A screenshot of a login screen AI-generated content may be incorrect.

Figure 2: Logging In

For more information on how to set up an account in Fortanix DSM, refer to Getting Started with Fortanix DSM - UI.

5.3 Creating a Group

Perform the following steps to create a group in the Fortanix DSM:

  1. In the DSM left navigation panel, click the Groups menu item, and then click ADD GROUP to create a new group.

    Figure 3: Add a group

  2. On the Adding new group page:

    1. Title: Enter a name for your group.

    2. Description (optional): Enter a short description of the group.

  3. Click SAVE to create the new group.

The new group is added to the Fortanix DSM successfully.

5.4 Creating an Application

Perform the following steps to create an application (app) in the Fortanix DSM:

  1. In the DSM left navigation panel, click the Apps menu item, and then click ADD APP to create a new app.

    Figure 4: Add an application

  2. On the Adding new app page:

    1. App name: Enter the name for your application.

    2. ADD DESCRIPTION (optional): Enter a short description of the application.

    3. Authentication method: Select the default API Key as the authentication method from the drop down menu. For more information on these authentication methods, refer to Authentication.

    4. Assigning the new app to groups: Select the group created in Section 5.3: Creating a Groupfrom the list.

  3. Click SAVE to add the new application.

The new application is added to the Fortanix DSM successfully.

5.5 Copying the API Key

Perform the following steps to copy the API key from the Fortanix DSM:

  1. In the DSM left navigation panel, click the Apps menu item, and then click the app created in Section 5.4: Creating an Application to go to the detailed view of the app.

  2. On the INFO tab, click VIEW API KEY DETAILS.

  3. From the API Key Details dialog box, copy the API Key of the app to retrieve the Azure DevOps secret as described in Section 6.2: Configure and Test the Extension in Pipelines.

5.6 Importing a Security Object

Perform the following steps to import security objects in the Fortanix DSM:

  1. In the DSM left navigation panel, click the Security Objects menu item, and then click ADD SECURITY OBJECT to create a new security object.

    Figure 5: Adding a security object

  2. On the Add new Security Object page:

    1. Security Object Name: Enter a name for your security object.

    2. Group: Select the group as created in Section 5.3: Creating a Group.

    3. Select IMPORT.

    4. In the Choose a type section, select the Secret key type.

    5. In the Place value here or import from file section, select the value format type as Text only and enter the object value (For example, ADO-object).

    6. In the Key operations permitted section, select the required operations to define the actions that can be performed with the cryptographic keys, such as encryption, decryption, signing, and verifying, except EXPORT.

  3. Click IMPORT to create the new security object.

The new security object is added to the Fortanix DSM successfully.

6.0 Integration Steps

Refer to the following sections for the integration steps:

6.1 Install the Extension

Perform the following steps to install the extension:

  1. Log in to Azure DevOps.

  2. Navigate to Fortanix-Secret-Management.

  3. Click Get it free.

    Figure 6: Get it free

  4. Select an Azure DevOps organization.

  5. Click Install to install the organization.

    Figure 7: Install the Organization

6.2 Configure and Test the Extension in Pipelines

Perform the following steps:

  1. Navigate to your Azure DevOps organization. (https://dev.azure.com/<organization_name>).

  2. Select Projects tab, and then click + New project.

    Figure 8: Create a new project

  3. Enter the project details and create the project.

  4. Navigate to Pipelines and click Create Pipeline to add a new pipeline.

  5. Configure your repository to store the pipeline YAML file.

    Figure 9: Configure the repository

  6. Export the following Environment Variables:

    Figure 10: Export the variables

    Ensure that the Keep the value secret check box is enabled.

  7. Configure Fortanix-Secret-Management Task:

    1. In the pipeline editor, navigate to Tasks (under the Review tab).

    2. Search for Fortanix.

    3. Select Fortanix-Secret-Management task.

    4. Enter the following values and click Add.

      • FORTANIX_API_ENDPOINT: Obtain it from the environment variable$(FORTANIX_API_ENDPOINT).

      • FORTANIX_API_KEY: Obtain it from the environment variable $(FORTANIX_API_KEY).

      • FORTANIX_SECURITY_OBJECT_NAME: Specifies the name of the security object generated in Section 5.6: Importing a Security Object.

      • FORTANIX_SECURITY_OBJECT: Exports the security object to this variable as a secret.

      Figure 11: Add the variables

      The variables are added successfully.

      Figure 12: Variables added to Pipeline

    5. Click Save and run to run the pipeline. Ensure the pipeline runs successfully.

      Figure 13: Completion of the task

Related articles

Platform
Fortanix Armor
Armet AI Key Insight Data Security Manager Confidential Computing Manager
Open Source Platform
Enclave Development Platform®

Solutions
Use Cases
Legacy to Cloud Infrastructure Migration Regulatory Compliance Post-Quantum Readiness Secure, Data-Driven Innovation
Industry
Healthcare Banking & Financial Services Fintech Manufacturing Federal Government

Company
About Us Partners Careers Confidential Computing University Blog FAQ Contact Us Awards Events Webinars Press News Services Media Kit Newsletters

Customers

Resources

Support
Fortanix-logo

4.6

star-ratings

As of August 2025

Request a Demo