Hi Jason, 

The problem you described is exactly what Azure Key Vault is designed to solve. I have used it and can highly recommend it. 

If you're ready to give it a go, here are the two C# examples I used to get started;

• https://docs.microsoft.com/en-us/azure/key-vault/tutorial-net-create-vault-azure-web-app
• https://docs.microsoft.com/en-us/azure/key-vault/quick-create-net

If you're not very familiar with Azure Key Vault, here are some additional resources;

• What is Azure Key Vault (Technical Doco) https://docs.microsoft.com/en-us/azure/key-vault/key-vault-whatis
• Azure Learning (Basic Beginner Course) - https://docs.microsoft.com/en-us/learn/modules/manage-secrets-with-azure-key-vault/

I'd love to hear how you got on.

This isn't really an Episerver question, but more of a standard .Net question.

I wouldn't have them as properties on a start page. You don't want to expose infrastructure related configurations to content admins - that's not what a CMS is for.

You have a few options, and it really depends on the tooling you have in place.

For example, I've always delegated configuration transforms to the continious integration build pipeline we have in place. We use Octopus Deploy, so it's relatively straightforward to set up a transform which swaps out configuration items with "variables" stored in Octopus prior to deploying a package. 

But you might be using something different like Azure DevOps or similar - most industry standard CI/CD tooling software will ship with something that will allow you to achieve this. 

We also use config transforms for environment settings.

I guess the part of @jason's original post that relates to Episerver is where he says I want to make the credentials editable by administrators.

You could provide them access to the Azure Portal to manage Azure Key Vault secrets, but that could be hard to manage, so I'd suggest using it's API (Nuget) to build the Admin UI inside Episerver, either in a specific settings page (Events) or as a Module (🤔 I quite like the Module approach but its a lot more work).

There are several ways to store config inside Epi without exposing it to regular editors (which I agree is NOT recommended). 

If config transformation is not necessary for your credentials, you could always hide your settings away in admin mode as plugin config (via Plug-in Manager).

I wrote a blog post a few years back about several options to store config: https://www.epinova.no/en/blog/configuration-options-for-episerver-sites/

Thanks for all the good feedback guys. It really helps me make an informed decision.

I also wanted to add I found another option that others may consider. If you are running in the DXC like we are, the azure application for your site has a section for configuration. You can add configuration key/value pairs there that you can read at runtime as if they exist in your web.config in the appSettings section. They are store encrypted in azure and can be managed administratively in integration manually, but prep and prod require you to submit a ticket to support create them. We like this option the best because it was such a minimal setup and code to accomplish the same goals. Thanks for your help guys.