Add callout to consider what data is being exposed when using client side configuration.

jimmyca15 · jimmyca15 · commit 7e0e767b628c · 2025-10-13T13:59:44.000-04:00
diff --git a/articles/azure-app-configuration/howto-best-practices.md b/articles/azure-app-configuration/howto-best-practices.md
@@ -290,6 +290,8 @@ When you use App Configuration in client applications, ensure that you consider
 
 To address these concerns, we recommend that you use a proxy service between your client applications and your App Configuration store. The proxy service can securely authenticate with your App Configuration store without a security issue of leaking authentication information. You can build a proxy service by using one of the App Configuration provider libraries, so you can take advantage of built-in caching and refresh capabilities for optimizing the volume of requests sent to App Configuration. For more information about using App Configuration providers, see articles in Quickstarts and Tutorials. The proxy service serves the configuration from its cache to your client applications, and you avoid the two potential issues that are discussed in this section.
 
+It is important to consider that when surfacing configuration to client applications, configuration values will be visible to end users. Care should be taken to avoid unintended exposure of sensitive or internal data. For example, user and group names in feature flag targeting settings may be considered EUII (End User Identifiable Information).
+
 ## Multitenant applications in App Configuration
 
 A multitenant application is built on an architecture where a shared instance of your application serves multiple customers or tenants. For example, you may have an email service that offers your users separate accounts and customized experiences. Your application usually manages different configurations for each tenant. Here are some architectural considerations for [using App Configuration in a multitenant application](/azure/architecture/guide/multitenant/service/app-configuration). You can also reference the [example code for multitenant application setup](https://github.com/Azure/AppConfiguration/blob/main/examples/DotNetCore/MultiTenantApplicationSetup/README.md).
