I’m trying to do a personal project and I want to use either Azure Key Vault or the appsettings that the Azure Web Apps provide by default. But I have only one concern. I guess if I want to use these, I still need to store some sensitive information, like TenantId, ClientId, ClientSecret, or Thumbprint if I use certificate.

If I use secrets.json then in development I’m fine, but if I publish it to the control version the application won’t work without these sensitive information, right? And in the appsettings.json I wouldn’t use them, because I don't want them to get pushed to the source control with the file.

What are your thoughts?

Thanks in advance!

Expected outcome: I want to get the sensitive data from either Azure Key Vault or Azure Web App appsettings, but without using any sensitive data in appsettings.json. (I think (Azure) TenantId, ClientId, ClientSecret, Thumbprint are sensitive enough, but please correct me if I'm wrong.)

CodePudding user response：

You can use Azure Key Vault Secrets to store the following kind of values a. SQL Conn String b. Relay Conn String c. Client ID (Service Principal) d. Client Secret (Service Principal Pwd) e. Any other sensitive values which are not supposed to be disclosed to developers.

CodePudding user response：

Thank you @PeterBons @MattDouhan and @AlexeiLevenkov probably I need the Managed Identities :) Thank you guys for the quick help, I will mark the question resolved.

Well, I can't check my answer for 2 days, so after that I will mark the answer. :)