Use encrypted named values#
Security · API Management · 2020_06
API Management named values should be encrypted.
Description#
API Management allows configuration properties to be saved as named values. Named values are a key/ value pairs, which may contain sensitive information.
When named values are marked as secret they are masked by default in the portal.
Recommendation#
Consider encrypting all API Management named values.
Additionally consider, using Key Vault to store secrets. Key Vault improves security by tightly controlling access to secrets and improving management controls.
Links#
Last update:
2021-07-25