My company has a strict compliance policy with respect to protecting the client secrets and passwords of azure active directory client apps(client secret for aad app
