🔐 Security Best Practices markdown Copy Edit

Security Best Practices

• ❌ DO NOT check clientSecret into source control
• ✅ DO use PowerShell SecretManagement module
• ✅ DO store credentials in Azure Key Vault in production use

Example using environment variables:

$clientSecret = $env:APIM_CLIENT_SECRET
Or, from Azure Key Vault:

powershell
Copy
Edit
$clientSecret = (Get-AzKeyVaultSecret -VaultName "MyKeyVault" -Name "ApimClientSecret").SecretValueText
yaml
Copy
Edit

---

### 🛠 **Troubleshooting**

```markdown
# Troubleshooting

## Problem: `Get-AzApiManagementUserGroup` not found

**Fix**: Use `Get-AzApiManagementGroupUser` instead – this cmdlet fetches users **within a group**.

---

## Problem: Subscription count error or object not iterable

**Fix**: Ensure this code is included:

```powershell
if ($subscriptions -isnot [System.Collections.IEnumerable]) {
    $subscriptions = @($subscriptions)
}