Managing ASP.NET Core Configuration Settings in Azure App Services

Bharat Dwarkani | Apr 6, 2020 | .NET Core

While hosting your ASP.NET Core Web App / API in Azure App services Windows/Linux, you would need to maintain configuration settings and secrets out of your application source code. In IIS or while self-hosting, you would store this in web config / appsettings.json.  Azure App Services provides a better simplified secure way to handle this configuration. In ASP.NET Core, configuration settings can be maintained either in appsettings.json / secrets.json in your machine. The best practice is to place secrets out of source control in secrets.json, using the Secret Management tool provided by the framework.

In Azure, you could store this under the Configuration section. Any settings placed in Azure App Service will take precedence and override settings placed in appsettings.json file of your application. At run time these settings are passed as environment variables to the application. The best thing is you don’t need to change any code to use settings stored in Azure. In development, you could use settings from app settings and while the app is published in Azure it will take settings from Azure configuration. Application settings placed in Azure are safe as they are encrypted at rest and transmitted over the encrypted channels as stated by Azure.

I will walkthrough below ways how configuration/secrets can be handled in Azure. Open your App service and head over to the Configuration section, here you can add your app settings as shown below in the screenshot.

A table below shows the difference between appsettings.json vs Azure equivalent settings

Format for storing Application Settings in Azure.

SettingName__FieldName  - If settings are flat this is the format

SettingName__SectionName__FieldName -  If settings are nested this is the format.

Note: Colon (:) is equivalent to Double Underscore (__) in Azure

Database Connection Strings in Azure can be stored under the connection string section.

In Example below CatalogEntity is the database connection string.

While storing settings if you are using different Slots (Production/Staging) then there is an option to specify setting based on slot, App Service will automatically take settings related to the specified slots. By this, you can also maintain two different settings one for production and another for staging.


Azure App settings


  "ConnectionStrings": {

    "CatalogEntity": "sql-connectionp-string"


  "RedisConnection": "redis-connection",

  "ExceptionLessKey": "secret-key", 

  "ServiceBusSettings": {

    "ConnectionString": "service-bus-connection-string",




Another interesting thing is you can also change environment mode in App settings without any changes in your code by adding Environment settings as shown below.

Settings can also be checked using Advanced Tools Kudu 

Hope this article provides you a simple guide to manage application and secrets in Azure.

For more details checkout official docs

visibility30 share bookmarks