Close popover
Milan Patra (MilanPatra)
Senior Consultant
MilanPatra Member since 2013 7 posts
Posted: July 3, 2019
Last activity: July 10, 2019

Using the 'Always Encrypted' feature of Azure SQL server

Requirement is to connect to azure sql database which has 'Always Encrypted' feature on to encrypt few columns in a table.

For this, we have created the database rule and able to successfully connect to the database and fetching the data. However the data are in encrypted form for the columns which were encrypted using the 'Always Encrypted' feature.

DBA has shared the application id and secret key after creating the Column encryption key, Column Master Key and registering them.

Now, going by the link -

It says that client applications need to instantiate the SQLServerColumnEncryptionAzureKeyVaultProvider and register it with the driver using the below code snippet:

String clientID = "<Azure Application ID>";
String clientKey = "<Azure Application API Key Password>";
SQLServerColumnEncryptionAzureKeyVaultProvider akvProvider = new SQLServerColumnEncryptionAzureKeyVaultProvider(clientID, clientKey);
Map<String, SQLServerColumnEncryptionKeyStoreProvider> keyStoreMap = new HashMap<String, SQLServerColumnEncryptionKeyStoreProvider>();
keyStoreMap.put(akvProvider.getName(), akvProvider);
String connectionUrl = "jdbc:sqlserver://<server>:<port>;databaseName=<databaseName>;user=<user>;password=<password>;columnEncryptionSetting=Enabled;"

It also says-


If you use the Azure Key Vault keystore provider, the Azure Key Vault implementation of the JDBC driver has dependencies on these libraries (from GitHub) which must be included with your application:


azure-activedirectory-library-for-java libraries"


1. I am not sure how pega application can be registered as mentioned in this document. Does the JDBC driver API methods handle that? Do we need to any custom coding for this in Pega?

2. Not sure how to include the dependent Library files and where. Has anybody done this before? Any help is appreciated. Thank you.

Data Integration Security
Moderation Team has archived post,
Close popover This thread is closed to future replies. Content and links will no longer be updated. If you have the same/similar Question, please write a new Question.