Azure · pakrym · Apr 27, 2020 · Apr 24, 2020 · Apr 25, 2020 · Apr 25, 2020
diff --git a/sdk/extensions/Azure.Extensions.AspNetCore.DataProtection.Keys/CHANGELOG.md b/sdk/extensions/Azure.Extensions.AspNetCore.DataProtection.Keys/CHANGELOG.md
@@ -3,6 +3,7 @@
 ## 1.0.0-preview.2 (Unreleased)
 
 - Package renamed to Azure.Extensions.AspNetCore.DataProtection.Keys
+- Default overload of ProtectKeysWithAzureKeyVault now takes a Uri to be consistent with other extension methods and KeyVault clients.  
 
 ## 1.0.0-preview.1 (2020)
 

diff --git a/sdk/extensions/Azure.Extensions.AspNetCore.DataProtection.Keys/README.md b/sdk/extensions/Azure.Extensions.AspNetCore.DataProtection.Keys/README.md
@@ -35,7 +35,7 @@ public void ConfigureServices(IServiceCollection services)
 {
     services
         .AddDataProtection()
-        .ProtectKeysWithAzureKeyVault("<Key-ID>", new DefaultAzureCredential());
+        .ProtectKeysWithAzureKeyVault(new Uri("<Key-ID>"), new DefaultAzureCredential());
 }
 ```
 

diff --git a/...DataProtection.Keys/api/Azure.Extensions.AspNetCore.DataProtection.Keys.netstandard2.0.cs b/...DataProtection.Keys/api/Azure.Extensions.AspNetCore.DataProtection.Keys.netstandard2.0.cs
@@ -3,6 +3,6 @@ namespace Microsoft.AspNetCore.DataProtection
     public static partial class AzureDataProtectionKeyVaultKeyBuilderExtensions
     {
         public static Microsoft.AspNetCore.DataProtection.IDataProtectionBuilder ProtectKeysWithAzureKeyVault(this Microsoft.AspNetCore.DataProtection.IDataProtectionBuilder builder, string keyIdentifier, Azure.Core.Cryptography.IKeyEncryptionKeyResolver keyResolver) { throw null; }
-        public static Microsoft.AspNetCore.DataProtection.IDataProtectionBuilder ProtectKeysWithAzureKeyVault(this Microsoft.AspNetCore.DataProtection.IDataProtectionBuilder builder, string keyIdentifier, Azure.Core.TokenCredential tokenCredential) { throw null; }
+        public static Microsoft.AspNetCore.DataProtection.IDataProtectionBuilder ProtectKeysWithAzureKeyVault(this Microsoft.AspNetCore.DataProtection.IDataProtectionBuilder builder, System.Uri keyIdentifier, Azure.Core.TokenCredential tokenCredential) { throw null; }
     }
 }
diff --git a/...ons.AspNetCore.DataProtection.Keys/src/AzureDataProtectionKeyVaultKeyBuilderExtensions.cs b/...ons.AspNetCore.DataProtection.Keys/src/AzureDataProtectionKeyVaultKeyBuilderExtensions.cs
@@ -1,6 +1,7 @@
 // Copyright (c) Microsoft Corporation. All rights reserved.
 // Licensed under the MIT License.
 
+using System;
 using Azure.Extensions.AspNetCore.DataProtection.Keys;
 using Azure.Core;
 using Azure.Core.Cryptography;
@@ -24,9 +25,10 @@ public static class AzureDataProtectionKeyVaultKeyBuilderExtensions
         /// <param name="keyIdentifier">The Azure Key Vault key identifier used for key encryption.</param>
         /// <param name="tokenCredential">The token credential to use for authentication.</param>
         /// <returns>The value <paramref name="builder"/>.</returns>
-        public static IDataProtectionBuilder ProtectKeysWithAzureKeyVault(this IDataProtectionBuilder builder, string keyIdentifier, TokenCredential tokenCredential)
+        public static IDataProtectionBuilder ProtectKeysWithAzureKeyVault(this IDataProtectionBuilder builder, Uri keyIdentifier, TokenCredential tokenCredential)
         {
-            return ProtectKeysWithAzureKeyVault(builder, keyIdentifier, new KeyResolver(tokenCredential));
+            Argument.AssertNotNull(keyIdentifier, nameof(keyIdentifier));
+            return ProtectKeysWithAzureKeyVault(builder, keyIdentifier.ToString(), new KeyResolver(tokenCredential));
         }
 
         /// <summary>

diff --git a/...zure.Extensions.AspNetCore.DataProtection.Keys/tests/DataProtectionKeysFunctionalTests.cs b/...zure.Extensions.AspNetCore.DataProtection.Keys/tests/DataProtectionKeysFunctionalTests.cs
@@ -33,7 +33,7 @@ public async Task ProtectsKeysWithKeyVaultKey()
 
             var testKeyRepository = new TestKeyRepository();
 
-            serviceCollection.AddDataProtection().ProtectKeysWithAzureKeyVault(key.Value.Id.ToString(), credential);
+            serviceCollection.AddDataProtection().ProtectKeysWithAzureKeyVault(key.Value.Id, credential);
 
             serviceCollection.Configure<KeyManagementOptions>(options =>
             {

diff --git a/sdk/extensions/Azure.Extensions.AspNetCore.DataProtection.Keys/tests/Snippets.cs b/sdk/extensions/Azure.Extensions.AspNetCore.DataProtection.Keys/tests/Snippets.cs
@@ -17,7 +17,7 @@ public void ConfigureServices(IServiceCollection services)
             {
                 services
                     .AddDataProtection()
-                    .ProtectKeysWithAzureKeyVault("<Key-ID>", new DefaultAzureCredential());
+                    .ProtectKeysWithAzureKeyVault(new Uri("<Key-ID>"), new DefaultAzureCredential());
             }
             #endregion
         }