Key vault Secret should have a content type set
| Property | |
|---|---|
| Language |  |
| Severity |  |
| Service | keyvault |
| Provider | Azure |
Description#
Key Vault secrets are created without specifying a content type, making it unclear how the secret data should be interpreted or used by clients and applications. This omission can lead to misinterpretation of secret values when retrieved.
Impact#
Without a defined content type, applications and users may mishandle or incorrectly process secrets, increasing the risk of misconfiguration, operational errors, or accidental exposure of sensitive data due to misinterpretation.
Resolution#
Provide content type for secrets to aid interpretation on retrieval