Store realm keys in Vault

Can Vault be used to store Keycloak secrets (in particular, realm keys)? I found https://issues.redhat.com/browse/KEYCLOAK-3205 but cannot figure out how Vault can actually be “plugged” into a Keycloak server.

I’m also interested in understanding how this might work. I see there is documentation on configuring Keycloak to retrieve secrets from Vault, but the docs don’t mention the encryption keys (i.e. Realm keys)—in my opinion, the most important secrets Keycloak needs.

Is there any information around about how EKM can be made more secure and more automated with Keycloak + Vault?

@cap @loudmouth did either of you ever find a solution to this? How are you securing your realm keys in production today?