This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(35.2, 18%, 13%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAM%3C/text%3E%3C/svg%3E)
I've implemented sp_invoke_external_rest_endpoint to retrieve secrets from Azure Key Vault through Azure API Management.
^ SQL Code
However, I'm concerned about the security of this approach. If Database Auditing or a similar feature is enabled, what are the risks associated with my secrets potentially being exposed in the logs? Can anyone provide insights or best practices to ensure that secrets remain secure even with auditing enabled?
My thoughts are only the queries would be displayed in logs and not the secret value/output
@Erland Sommarskog : Can you please provide your thoughts and confirmation on this if possible?