For an Azure deployment adhering to the Microsoft Cloud Security Benchmark guidelines, you are tasked with designing a security architecture. Your focus is on implementing service accounts specifically for Azure API Management. What best practice recommendations should you propose for this implementation?