Hashing available for client secret?

Is it possible to hash the client secrets?

What for?

The client secret has to be available in the clear to confidential clients.

Hmm, good point. I think what you are saying makes sense - meaning that you only have one chance to know a client secret, otherwise (with hash) it would not be retrievable.

I suppose what I should have asked - and what I’m trying to achieve - is how to secure the database (in our current case, Postgres) and especially things like client secrets. Right now I can log in and see things like client secret in plain text. Is there a current best practice(s) around this for hardening things in a production environment?

It’s more of a Postgres/database question. There are several articles out there about security hardening best practices. E.g.: