Example
Keys:
let's say you need to encrypt sensitive user data (like SSN) before storing it in your database to ensure confidentiality. You would go for keys in Azure Key Vault. This key would be used to encrypt and decrypt the user data and you NO need to worry about the safety of these keys.
Secrets:
Say, your web application needs to connect to an external API that requires an API key for authentication. You would store this API key as a secret in Azure Key Vault, allowing your application to securely retrieve it when making API requests. whenever the vendor changes the key, you can update it in Secrets.
Hope this helps you.