@Ignasi/@Andrea - I'm guilty for writing the code as it is in OAuth, I should have thought ahead.
Azure KeyVault has a dynamic resource (the vault URI) that authorization must be requested against. In the current PR, @Andrea added the KeyVaultFilter to support this, mostly duplicating ClientCredentialsSecretFlow. With Azure, conceivably we could use both ClientCredentialsJWTBearerTokenFlow and ClientCredentialsSecretFlow. My thought is, to isolate the changes (for now) in azurecompute-arm and figure out a way to work around this (while not duplicating the code as it is in the current PR). Once the PR is in, then work on updating jclouds proper and update azurecompute-arm accordingly. Thoughts? Thanks -jim
