Thanks - it's clear MSFT is working hard to get to a place where secret management is a first class part of the dev process and we're attempting to integrate with the classes you mention but as I understand it they only work with ASP.NET 5 so you can't use them in console app based test harnesses or Windows services or etc. That means we end up needing to have a bunch of provider mechanisms, all essentially the same in principle but with different implementations for the different platform details. If it's not super easy for the dev to drop into a quick test app, they'll "just copy and paste the secrets for now" which is always the path to darkness.
Maybe a local (LAN?) NuGet feed with your preferred mechanism would help with the dev experience? You could even go as far as deploying custom templates. I don't think the new Configuration classes are limited to ASP.NET any more - and from the response I got on the issue tracker, if you find any hard dependencies report them as a bug.