[keycloak-dev] Secure Credentials Store

[Stian Thorgersen]

Currently we recommend encrypting credentials at the database layer, but
this is not well documented. It is also not a trivial thing to achieve and
may have performance implications.

With that in mind we are planning to introduce a secure credentials store.
It's very early days, but one thing is certain and that is we will
introduce a Vault SPI to allow plug-ability.

To join the discussion read the initial notes around the subject here
https://github.com/keycloak/keycloak-community/blob/master/design/secure-credentials-store.md