I've got an app that uses Azure Key Vault to store a bunch of secrets. I created an app registration in the Azure Portal to get client secret and client id that I'm using to authenticate my app with the keyvault, but I don't want to store these keys in code or appconfig. Is there a better way to do this?
1 Answers
1
votes
You can use managed (when App Services) or system (for VMs) identity.
Essentially the app service (former case) or whole machine (in the latter) is recognised with Azure and is able to access resources (including Key Vault) without direct authentication.
See tutorial: https://docs.microsoft.com/en-us/azure/key-vault/managed-identity
