Security Best Practices - meezankhan9/export-apim-subscriptions-with-users GitHub Wiki
🔐 Security Best Practices markdown Copy Edit
Security Best Practices
- ❌ DO NOT check
clientSecret
into source control - ✅ DO use PowerShell SecretManagement module
- ✅ DO store credentials in Azure Key Vault in production use
Example using environment variables:
$clientSecret = $env:APIM_CLIENT_SECRET
Or, from Azure Key Vault:
powershell
Copy
Edit
$clientSecret = (Get-AzKeyVaultSecret -VaultName "MyKeyVault" -Name "ApimClientSecret").SecretValueText
yaml
Copy
Edit
---
### 🛠 **Troubleshooting**
```markdown
# Troubleshooting
## Problem: `Get-AzApiManagementUserGroup` not found
**Fix**: Use `Get-AzApiManagementGroupUser` instead – this cmdlet fetches users **within a group**.
---
## Problem: Subscription count error or object not iterable
**Fix**: Ensure this code is included:
```powershell
if ($subscriptions -isnot [System.Collections.IEnumerable]) {
$subscriptions = @($subscriptions)
}