Azure functions - where to store configuration values

Apologies if this is a stupid question, but is settings > configuration the correct place to store environment specific values for an azure function?

e.g. When connecting to microsoft.graph, the following are required:

1. Tenant Id
2. Client Id
3. Client Secret

Is it correct to store the client id & tenant id in settings > configuration, and then store the secret in a key vault?

Yes, it is.

Connection strings, environment variables, and other application settings are defined separately for each function app.

and

You can create any number of application settings required by your function code. There are also predefined application settings used by Functions. To learn more, see the App settings reference for Azure Functions.

These settings are stored encrypted. To learn more, see Application settings security.

Application settings can be managed from the Azure portal and by using the Azure CLI and Azure PowerShell. You can also manage application settings from Visual Studio Code and from Visual Studio.

and

Use application settings

The function app settings values can also be read in your code as environment variables.

Source: Manage your function app - Work with Application Settings.

For settings that are already available, see the App settings reference for Azure Functions.

Configuration settings that you want to share between (function) apps can be stored externally in a persisted store like App Configuration.

Azure App Configuration provides a service to centrally manage application settings and feature flags. Modern programs, especially programs running in a cloud, generally have many components that are distributed in nature. Spreading configuration settings across these components can lead to hard-to-troubleshoot errors during an application deployment. Use App Configuration to store all the settings for your application and secure their accesses in one place.