Summary

While using the library to load App Configuration, I’ve observed slow performance due to two key issues:

• Secrets are fetched from Key Vault sequentially
• No pre-emptive authentication is performed

Investigation

This behaviour was identified using Application Insights, with traces collected via OpenTelemetry on a Node.js process.

Below is an example trace showing a single configuration lookup referencing 14 secrets (which are stored in 4 x separate vaults):

The loadConfig trace wraps the point we call the load function:

Each secret fetch initially results in a 401 (unauthenticated), followed by a successful retry after authentication. This happens for every unique Key Vault endpoint used.

Despite the environment running within Azure, the full configuration load takes approximately 2 seconds, introducing noticeable latency.

Expected behaviour

Performance could be improved significantly if:

• Secrets were fetched in parallel
• Authentication was performed proactively, avoiding repeated 401/retry cycles