review

dlepow · dlepow · commit 312c8eb21bf7 · 2024-09-16T09:00:06.000-07:00
diff --git a/articles/api-management/authentication-certificate-policy.md b/articles/api-management/authentication-certificate-policy.md
@@ -48,7 +48,7 @@ ms.author: danlep
 ### Usage notes
 
 - We recommend configuring [key vault certificates](api-management-howto-mutual-certificates.md) to manage certificates used to secure access to backend services.
-- If you configure certificates or passwords not stored in the built-in certificate store, we recommend using [named values](api-management-howto-properties.md) to provide credentials.
+- If you configure a certificate password in this policy, we recommend using a [named value](api-management-howto-properties.md).
 
 
 ## Examples
diff --git a/includes/api-management-credentials-caution.md b/includes/api-management-credentials-caution.md
@@ -6,4 +6,4 @@ ms.date: 09/11/2024
 ms.author: danlep
 ---
 > [!CAUTION]
-> Minimize risks of credential exposure when configuring this policy. Microsoft recommends that you use the most secure authentication methods supported by your backend, and protect sensitive information in policy definitions, for example by using [named values](../articles/api-management/api-management-howto-properties.md) and storing secrets in Azure Key Vault. 
+> Minimize risks of credential exposure when configuring this policy. Microsoft recommends that you use more secure authentication methods if supported by your backend, such as [managed identity authentication](../articles/api-management/authentication-managed-identity-policy.md) or [credential manager](../articles/api-management/credentials-overview.md). If you configure sensitive information in policy definitions, we recommend using [named values](../articles/api-management/api-management-howto-properties.md) and storing secrets in Azure Key Vault. 
