In my solution, consumer of the messages on the Azure service bus is .net based application & we are implementing security aspects using AAD service principals by configuring app id & secret in consumer application app.config and it working fine, no issues with that.
While the application which is posting messages to Azure service bus is "GO" language based, where Azure service bus related SDK is not available to use AAD service principals while making Azure service bus related server calls. Can service principals be passed in as authorization header of Azure service bus related REST apis? not sure. So we are sending SAS signatures along with Azure service bus urls (in our case for posting message) which we are feeling as secure threat as there is high chance where SAS signatures may get compromised on transport layer for various reasons.
So for languages for which Azure sdks are not available like GO, Erlang etc what would be the best way to incorporate security aspect while integrating with azure service bus for publishing/subscribing to it ? apart from SAS signatures approach.
