Just found out about this cool little thing. Managed Service Identity (MSI) for Azure resources.
When enabled, it creates an identity for your service instance in your subscription Azure AD tenant. Your code can then make a local request to get access tokens for services that support Azure AD authentication. This removes the need for storing secrets in your application configuration.
On the + side , it`s totally free!
On the – side, it`s not supported for every Azure Service, but I`m sure that it is going to be soon.