diff --git a/src/Confix.Tool/src/Confix.Tool/ThrowHelper.cs b/src/Confix.Tool/src/Confix.Tool/ThrowHelper.cs
index 3474d4dd..952b33d9 100644
--- a/src/Confix.Tool/src/Confix.Tool/ThrowHelper.cs
+++ b/src/Confix.Tool/src/Confix.Tool/ThrowHelper.cs
@@ -1,3 +1,5 @@
+using Confix.Tool.Commands.Logging;
+
 namespace Confix.Tool;
 
 public static class ThrowHelper
@@ -30,4 +32,23 @@ public static Exception VariableNotFound(string name) =>
 
     public static Exception CouldNotParseJsonFile(FileInfo file)
         => throw new ExitException($"File {file.FullName} has invalid content.");
+
+    public static Exception SecretNotFound(Exception innerException) =>
+        new ExitException("Secret does not exist in this provider.", innerException)
+        {
+            Help =
+                $"try running {"confix variables list".AsHighlighted()} to list all available variables"
+        };
+
+    public static Exception AccessToKeyVaultFailed(Exception innerException) =>
+        new ExitException("Access to Key Vault failed", innerException)
+        {
+            Help = "check if you have the required permissions to access the Key Vault"
+        };
+
+    public static Exception AuthenticationFailedForVault(Exception innerException) =>
+        new ExitException("Authentication for Key Vault failed", innerException)
+        {
+            Help = $"try running {"az login".AsHighlighted()} to authenticate with Azure"
+        };
 }
diff --git a/src/Confix.Tool/src/Confix.Tool/Utilities/Azure/KeyVaultExtension.cs b/src/Confix.Tool/src/Confix.Tool/Utilities/Azure/KeyVaultExtension.cs
index 8da0f00e..0deb6d9b 100644
--- a/src/Confix.Tool/src/Confix.Tool/Utilities/Azure/KeyVaultExtension.cs
+++ b/src/Confix.Tool/src/Confix.Tool/Utilities/Azure/KeyVaultExtension.cs
@@ -3,30 +3,27 @@
 using Confix.Tool;
 using Confix.Tool.Commands.Logging;
 
-namespace Confix.Utilities.Azure
+namespace Confix.Utilities.Azure;
+
+public static class KeyVaultExtension
 {
-    public static class KeyVaultExtension
+    public static async Task<T> HandleKeyVaultException<T>(Func<Task<T>> action)
     {
-        public static async Task<T> HandleKeyVaultException<T>(Func<Task<T>> action)
+        try
+        {
+            return await action();
+        }
+        catch (RequestFailedException ex) when (ex.ErrorCode == "SecretNotFound")
+        {
+            throw ThrowHelper.SecretNotFound(ex);
+        }
+        catch (RequestFailedException ex)
+        {
+            throw ThrowHelper.AccessToKeyVaultFailed(ex);
+        }
+        catch (AuthenticationFailedException ex)
         {
-            try
-            {
-                return await action();
-            }
-            catch (RequestFailedException ex)
-            {
-                throw new ExitException("Access to Key Vault failed", ex)
-                {
-                    Help = "check if you have the required permissions to access the Key Vault"
-                };
-            }
-            catch (AuthenticationFailedException ex)
-            {
-                throw new ExitException("Authentication for Key Vault failed", ex)
-                {
-                    Help = $"try running {"az login".AsHighlighted()} to authenticate with Azure"
-                };
-            }
+            throw ThrowHelper.AuthenticationFailedForVault(ex);
         }
     }
-}
\ No newline at end of file
+}