Security: ccalbreath/Outline

Security Notice

Secrets and Sensitive Data

The azuredeploy.parameters.json files contain placeholder values that must be replaced before deployment.

Required Secrets

Before deploying, you must update the following values in azuredeploy.parameters.json:

  1. postgresAdminPassword - Replace YOUR_POSTGRES_PASSWORD_HERE with a strong password
  2. secretKey - Replace YOUR_SECRET_KEY_HERE with a value generated by: openssl rand -hex 32
  3. utilsSecret - Replace YOUR_UTILS_SECRET_HERE with a value generated by: openssl rand -hex 32
  4. azureClientId - Replace YOUR_AZURE_CLIENT_ID_HERE with your Azure AD Application (client) ID
  5. azureClientSecret - Replace YOUR_AZURE_CLIENT_SECRET_HERE with your Azure AD Application client secret

Best Practices

  • Never commit azuredeploy.parameters.json files with real secrets
  • Use environment variables or Azure Key Vault for production deployments
  • Rotate secrets regularly
  • Use strong, randomly generated passwords
  • Keep your local azuredeploy.parameters.json files in .gitignore or use a separate secrets management system

Generating Secrets

# Generate SECRET_KEY
openssl rand -hex 32

# Generate UTILS_SECRET
openssl rand -hex 32
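
A pre-deployment check for the Required Secrets list and the generation commands above, as an added example (not code from this repository). It assumes the standard ARM parameters layout ({"parameters": {"<name>": {"value": ...}}}) and treats Key Vault "reference" entries as already externalized. The function name check_parameters and the duplicate-value check are additions made for illustration.

```python
import json
import re

# Parameter names and placeholder pattern come from the list on this page.
REQUIRED = ("postgresAdminPassword", "secretKey", "utilsSecret",
            "azureClientId", "azureClientSecret")
PLACEHOLDER = re.compile(r"^YOUR_[A-Z0-9_]+_HERE$")
# `openssl rand -hex 32` prints 32 random bytes as 64 lowercase hex characters.
HEX_PARAMS = ("secretKey", "utilsSecret")
HEX_64 = re.compile(r"^[0-9a-f]{64}$")


def check_parameters(text):
    """Return a list of problems in an ARM parameters document (JSON text)."""
    # Assumed layout: {"parameters": {"<name>": {"value": "..."}}}
    params = json.loads(text).get("parameters", {})
    problems, values = [], {}
    for name in REQUIRED:
        entry = params.get(name)
        if isinstance(entry, dict) and "reference" in entry:
            continue  # Key Vault reference: resolved at deployment, nothing to scan
        value = entry.get("value") if isinstance(entry, dict) else None
        if not isinstance(value, str) or not value:
            problems.append(f"{name}: missing or empty")
        elif PLACEHOLDER.match(value):
            problems.append(f"{name}: placeholder not replaced")
        else:
            values[name] = value
    for name in HEX_PARAMS:
        if name in values and not HEX_64.match(values[name]):
            problems.append(f"{name}: not 64 lowercase hex characters")
    if "secretKey" in values and values["secretKey"] == values.get("utilsSecret"):
        problems.append("secretKey and utilsSecret reuse the same value")
    return problems


# Constructed sample: one placeholder left in, one short key, one Key Vault reference.
SAMPLE = json.dumps({"parameters": {
    "postgresAdminPassword": {"reference": {
        "keyVault": {"id": "<key-vault-resource-id>"}, "secretName": "pg-admin"}},
    "secretKey": {"value": "ab" * 32},
    "utilsSecret": {"value": "abc123"},
    "azureClientId": {"value": "00000000-0000-0000-0000-000000000000"},
    "azureClientSecret": {"value": "YOUR_AZURE_CLIENT_SECRET_HERE"},
}})

if __name__ == "__main__":
    for problem in check_parameters(SAMPLE):
        print(problem)
```

Run it against the parameters file before deploying and treat any reported problem as a reason to stop.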

There aren’t any published security advisories