Restructure.

Co-authored-by: Tom Kerkhove <kerkhove.tom@gmail.com>
kedacore · Mar 11, 2022 · 7daea41 · 7daea41
1 parent 04f2786
commit 7daea41
Showing 1 changed file with 6 additions and 3 deletions.
diff --git a/content/docs/2.7/concepts/authentication.md b/content/docs/2.7/concepts/authentication.md
@@ -223,11 +223,14 @@ hashiCorpVault:                                     # Optional.
 
 ### Azure Key Vault secret(s)
 
-You can pull secrets from Azure Key Vault into the trigger by using the `azureKeyVault` key. Users need to register an application
-with Azure Active Directory, and give permissions to it for accessing the key vault. The `clientId` and `tenantId` for the application
-are to be provided as part of the spec. The `clientSecret` for the application is expected to be within a secret on the cluster.
+You can pull secrets from Azure Key Vault into the trigger by using the `azureKeyVault` key. 
+
 The `secrets` list defines the mapping between the key vault secret and the authentication parameter.
 
+Users need to register an application with Azure Active Directory, and grant "read secret" permissions on the Azure Key Vault. Learn more in the Azure Key Vault [documentation](https://docs.microsoft.com/en-us/azure/key-vault/general/assign-access-policy?tabs=azure-portal).
+
+The `clientId` and `tenantId` for the application are to be provided as part of the spec. The `clientSecret` for the application is expected to be within a secret on the cluster.
+
 ```yaml
 azureKeyVault:                                      # Optional
   vaultURI: {key-vault-address}                     # Required