I am referring to Keycloak Javascript adapter as mentioned in :
https://www.keycloak.org/docs/4.5/securing_apps/index.html#_javascript_ad...
I have a confidential client and I have downloaded keycloak-oidc.json
containing client secret. Now I am not sure how secure is it to keep this
file containing client-secret at the client side.
Am I being over concerned?