Faster Startup for Azure App Config

June 7, 2024    Development .Net Azure

We use Azure App Config and Azure Key Vault to store the configuration, secrets and feature flags for our .NET application. We noticed that API startup locally and pod startup in Kubernetes seemed slow. After investigating, we learned that DefaultAzureCredential was trying multiple ways to authenticate to Azure before it could retrieve these values.

After limiting its choices, startup went from 10-15 seconds down to a few seconds. That makes everyone happier 🌞!

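// Program.cs
using System;
using Azure.Identity;
using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.Hosting;
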
public static IHostBuilder CreateHostBuilder(string[] args) =>
    Host.CreateDefaultBuilder(args)
        .ConfigureAppConfiguration(config =>
        {
            var configurationRoot = config.Build();
            var configEndpoint = configurationRoot.GetRequiredSection("AppSettings:AppConfigEndpoint").Get<string>();
            config.AddAzureAppConfiguration(options =>
            {
                // we created SetupHelper.DefaultAzureCredentialOptions (see below) to tell DefaultAzureCredential where to look
                options.Connect(new Uri(configEndpoint), new DefaultAzureCredential(SetupHelper.DefaultAzureCredentialOptions))
                    .Select("AppSettings:*")
                    .ConfigureRefresh(refreshOption =>
                    {
                        refreshOption.Register("AppSettings:Sentinel", true)
                            .SetCacheExpiration(TimeSpan.FromDays(15));
                    })
                    .ConfigureKeyVault(kv =>
                    {
                        kv.SetCredential(new DefaultAzureCredential(SetupHelper.DefaultAzureCredentialOptions));
                    });
            });
        });

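// Only the sources listed below are switched on or off; any source not listed keeps its
// library default (for example the Azure CLI credential, which is why CLI auth still works).
public class SetupHelper {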
    public static DefaultAzureCredentialOptions DefaultAzureCredentialOptions => new DefaultAzureCredentialOptions()
    {
        ExcludeAzureDeveloperCliCredential = true,
        ExcludeEnvironmentCredential = true,
        ExcludeAzurePowerShellCredential = true,
        ExcludeInteractiveBrowserCredential = true,
        ExcludeSharedTokenCacheCredential = true,
#if DEBUG
        ExcludeVisualStudioCodeCredential = false,
        ExcludeVisualStudioCredential = false,
#else
        ExcludeVisualStudioCodeCredential = true,
        ExcludeVisualStudioCredential = true,
#endif
        ExcludeManagedIdentityCredential = true,
    };
}

We mostly authenticate through Visual Studio on Windows, but this will also allow Azure CLI authentication.

You may need to modify this for your needs.
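
To decide which exclusions fit your own environment, the following added example (not part of the original post) times each credential source on its own and reports which ones are unavailable, slow, or actually issue a token. The scope value is an assumption for Azure App Configuration; replace it with the resource your application calls.

```csharp
// Added example: measure each credential source that a DefaultAzureCredential chain may try.
// Run it once on a developer machine and once in the pod to see what each environment needs.
using System;
using System.Diagnostics;
using System.Threading;
using Azure.Core;
using Azure.Identity;

// Assumption: token scope for Azure App Configuration; change it for other resources.
var scope = new TokenRequestContext(new[] { "https://azconfig.io/.default" });

// Each source is constructed separately so its latency is measured in isolation.
var candidates = new (string Name, Func<TokenCredential> Create)[]
{
    ("Environment",       () => new EnvironmentCredential()),
    ("WorkloadIdentity",  () => new WorkloadIdentityCredential()),
    ("ManagedIdentity",   () => new ManagedIdentityCredential()),
    ("VisualStudio",      () => new VisualStudioCredential()),
    ("AzureCli",          () => new AzureCliCredential()),
    ("AzurePowerShell",   () => new AzurePowerShellCredential()),
    ("AzureDeveloperCli", () => new AzureDeveloperCliCredential()),
};

foreach (var (name, create) in candidates)
{
    var sw = Stopwatch.StartNew();
    string outcome;
    try
    {
        using var cts = new CancellationTokenSource(TimeSpan.FromSeconds(30));
        AccessToken token = await create().GetTokenAsync(scope, cts.Token);
        // Report only the expiry; never write the token itself to logs.
        outcome = $"token acquired, expires {token.ExpiresOn:u}";
    }
    catch (CredentialUnavailableException)
    {
        // In a chain, this is the signal to move on to the next source.
        outcome = "unavailable";
    }
    catch (AuthenticationFailedException ex)
    {
        outcome = $"failed: {ex.Message.Split('\n')[0]}";
    }
    catch (OperationCanceledException)
    {
        outcome = "timed out after 30 s";
    }
    Console.WriteLine($"{name,-18} {sw.ElapsedMilliseconds,6} ms  {outcome}");
}
```

Sources that report a long elapsed time before "unavailable" are the ones worth excluding; the source that acquires a token is the identity your application actually runs as in that environment.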