Azure App Configuration

Preventing OWASP MCP01 Token Mismanagement and Secret Exposure in a .NET MCP server with Key Vault, telemetry redaction, and runtime injection.

Preventing Token Mismanagement and Secret Exposure in MCP Servers

When building an MCP server for my side project (Biotrackr), one of the first things I had to think about was how to manage secrets. The MCP server needs an APIM subscription key to call downstream health data APIs, and it also exposes an API key for clients connecting to it. That’s two secrets that need to be stored, distributed, and protected and if either one leaks, the blast radius could extend across the entire platform. ...

March 23, 2026 · 12 min · Will Velida
Feature Flag code.

Implementing Feature Flags in Azure Functions with Azure App Configuration

In Azure App Configuration, we can implement feature flags that allows us to decouple feature releases from code deployment and allows us to implement changes quickly to feature availability on demand. This allows us to test new features in production, turn features on or off without having to redeploy our code and wrap features around application functionality that we’re currently developing. There are some basic concepts to understand when working with feature management in Azure App Configuration: ...

February 17, 2022 · 8 min · Will Velida