[keycloak-user] Password in plain text

Marek Posolda mposolda at redhat.com
Tue Feb 26 09:24:19 EST 2019


Yes, with HTTP protocol, password is sent in plain-text to the server in 
the HTTP Post request. Hence it is shown in plain-text. Not sure if 
there is any nice way to avoid this?

Marek

On 26/02/2019 12:27, David Rodriguez wrote:
> Hi. I am just implementing keycloak, and taking a look at the calls, I see
> that the password is shown in text plain in the developer tools. Is that
> the expected behaviour?
>
>
> [image: keycloak_bug.png]
>
> Thanks in advance!
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user




More information about the keycloak-user mailing list