Hi Community,
I am exploring options to avoid storing credentials directly inside data connection configurations.
One approach I am considering is:
• Store credentials in Azure Key Vault
• Access those secrets securely
• Pass the secret values as variables into data connection parameters
I wanted to understand if this pattern is actually supported and how practical it is in real implementations.
Specifically looking for guidance on:
• Can data connection parameters accept values dynamically from a vault or do they need to be static at setup time
• Is it possible to inject secrets at runtime during connection refresh
• Where is the right place to fetch the secret from Azure Key Vault
• How complex this setup typically becomes in production
• How secret rotation is usually handled without recreating the connection
If anyone has implemented something similar, I would really appreciate insights on feasibility, limitations, and the right direction to get started.
Thanks in advance for your help and experience.