Hi @JAL , thank you for reaching out.
ClientID and Client Secrets are parameters that are passed to AAD by MSAL, and here if you are using a confidential client (like: WebApp, WebAPI or Daemon/Service) that runs on Azure PaaS Service, or any other secured servers, in that case only the clientID gets exposed by MSAL but not the client secret, as the client secret is passed only in the backchannel to AAD and never directly exposed.
You can read more on Confidential clients and Public clients here: https://learn.microsoft.com/en-us/azure/active-directory/develop/msal-client-applications
The rest of the queries related to Swagger, I believe posting a thread on the Swagger forums would be more beneficial to get answers to those.
Hope this helps.
Do let us know if this helps and if there are any more queries around this, please do let us know so that we can help you further. Also, please do not forget to accept the response as Answer; if the above response helped in answering your query.