Hi,
For my use case, I have a relational database as a backend for Keycloak. Some secrets, such as OAuth2 client secrets, are stored in the database as clear text. Do you have any recommendations for hardening the DB to improve security?
On the other hand, what would be the best practice from a security perspective for deployment?
Thanks Marek.
A sidetracked question: in Keycloak, would it be feasible to build an extension so that the secrets from the client are encrypted before they are processed downstream and decrypted after they are read from the DB? If it is feasible, can you please kindly point me to some documents?
Thanks again!
Chales