Retrieve Keycloak OIDC client secret from vault provider

lucascorailler · January 11, 2022, 3:01pm

Hello,
Is there a way to retrieve a Keycloak client’s client_secret from the Kubernetes files plain-text vault provider ?
Already did it for the SMTP password, it’s working fine, but I’d like something like this :

The goal is to be able to link a Kubernetes secret with both Keycloak to manage the OIDC client, and the actual web app that is client

In the documentation it is indeed said that only the fields below are able to use this feature. :

SMTP password
LDAP bind credential
OIDC identity provider secret

Is it in the backlog somewhere a plan to add this feature ?

Sorry if I am not clear, but thanks in advance for your help,

Best regards,

dasniko · January 11, 2022, 3:22pm

This is not yet supported by Keycloak. There is somewhere a discussion item about client secrets, not only serving it from a vault, but also other aspects.
See somewhere here:

jfreeman-hbo · August 15, 2022, 11:12pm

We also really wish this was a feature. Wondering what the complexity involved in this would be?

Topic		Replies	Views
OIDC identity provider secret Getting advice authentication , ldap , oidc	0	425	January 23, 2022
Hashicorp Vault with KeyCloak identity provider Getting advice oidc	1	3814	July 15, 2020
OIDC in Identity Provider Token retrieve oidc	0	83	February 14, 2024
Keycloak OIDC IDP with Angular Securing applications identity-brokering , oidc	0	635	February 14, 2022
Unable to Retrieve Identity Provider(IDP) token Getting advice identity-brokering	0	1399	October 24, 2021

Retrieve Keycloak OIDC client secret from vault provider

Related Topics