A retail company uses Azure Logic Apps to integrate with third-party APIs. One Logic App sends purchase orders to a supplier's HTTP endpoint. The supplier requires that the request include an OAuth 2.0 access token obtained from their authorization server. The company wants to manage the client credentials (client ID and client secret) securely and rotate them automatically. The Logic App must also log all requests for auditing. What should you do?
This allows secure credential storage and automatic rotation with Key Vault.
Why this answer
Option C is correct. Using HTTP + Swagger connector with managed identity and Key Vault integration allows secure storage and automatic rotation of credentials. Option A is wrong because the built-in HTTP action does not support managed identity.
Option B is wrong because the Managed API connector does not support OAuth token acquisition. Option D is wrong because the system-assigned managed identity cannot be used for external OAuth flows.