Azure Function App using Managed Service Identity to retrieve Creds from Azure Key Vault

GetCredsFromKeyVault.ps1

# MSI Variables via Function Application Settings Variables
# Endpoint and Password
$endpoint = $env:MSI_ENDPOINT
$endpoint
$secret = $env:MSI_SECRET
$secret

# Vault URI to get AuthN Token
$vaultTokenURI = 'https://vault.azure.net&api-version=2017-09-01'
# Our Key Vault Credential that we want to retreive URI
# NOTE: API Ver for this is 2015-06-01
$vaultSecretURI = 'https://<yourKeyVault>.vault.azure.net/secrets/<KeyName>/<KeyID>/?api-version=2015-06-01'
# Create AuthN Header with our Function App Secret
$header = @{'Secret' = $secret}

# Get Key Vault AuthN Token
$authenticationResult = Invoke-RestMethod -Method Get -Headers $header -Uri ($endpoint +'?resource=' +$vaultTokenURI)
$authenticationResult
# Use Key Vault AuthN Token to create Request Header
$requestHeader = @{ Authorization = "Bearer $($authenticationResult.access_token)" }

# Call the Vault and Retrieve Creds
$creds = Invoke-RestMethod -Method GET -Uri $vaultSecretURI -ContentType 'application/json' -Headers $requestHeader

write-output "Credential ID: " $($creds.id)
write-output "Credential Value: " $($creds.value)