Hi Stian,
Remember that in EAP 7.1+ there is a new credential-store, vault is
considered legacy [1]. Think about using the credential-store API
instead of the vault.
Regards.
[1]
https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_ap...
On 5/27/19 1:24 PM, Stian Thorgersen wrote:
Currently we recommend encrypting credentials at the database layer,
but
this is not well documented. It is also not a trivial thing to achieve and
may have performance implications.
With that in mind we are planning to introduce a secure credentials store.
It's very early days, but one thing is certain and that is we will
introduce a Vault SPI to allow plug-ability.
To join the discussion read the initial notes around the subject here
https://github.com/keycloak/keycloak-community/blob/master/design/secure-...
_______________________________________________
keycloak-dev mailing list
keycloak-dev(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-dev