Is it possible to store a webhook secret in Keycloak?

Hey,

I have a question about using Keycloak to store webhook secrets. I know it’s possible to store secrets, but is it a good practice to use it for webhook secrets?

Thanks,

Well, it depends. Where are you going to use that webhook secret? Is it per user, per client, per realm?

Keycloak is a good place to store credentials. After all, if you want to connect to a social login, you will store their client-id and client-secret.

So, where do you plan to use that webhook secret?

@Mohamed1

Thanks, @lamoboos223, for your answer.

I plan to use it to store credentials for both the client and the user.
I think Keycloak can be a good storage solution for this case.

If you want to save a secret value for the user, I suggest making an extension to store this value just the way the user’s password is stored. Not entirely like a password, because the password is hashed and salted, but maybe you should encrypt it.

Also, you can think of adding a vault, which is a totally different piece of software that requires maintenance.

@Mohamed1

1 Like
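The distinction drawn in the reply above (a password can be hashed, a webhook secret has to be encrypted) comes from the secret being needed again in clear to compute an HMAC over each webhook body. The following is an added example, not part of the thread and not Keycloak code; the class name, the owner id, the sample secret and the in-memory key are all constructed assumptions.

```java
import javax.crypto.*;
import javax.crypto.spec.*;
import java.nio.ByteBuffer;
import java.nio.charset.StandardCharsets;
import java.security.*;
import java.util.Base64;

public class WebhookSecretStore {
    static final int IV_LEN = 12, TAG_BITS = 128;

    // Encrypt for storage; result is base64(iv || ciphertext || tag).
    static String seal(SecretKey kek, byte[] secret, String owner) throws Exception {
        byte[] iv = new byte[IV_LEN];
        new SecureRandom().nextBytes(iv);                    // fresh IV per record
        Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
        c.init(Cipher.ENCRYPT_MODE, kek, new GCMParameterSpec(TAG_BITS, iv));
        c.updateAAD(owner.getBytes(StandardCharsets.UTF_8)); // bind record to its owner
        byte[] ct = c.doFinal(secret);
        return Base64.getEncoder().encodeToString(
                ByteBuffer.allocate(IV_LEN + ct.length).put(iv).put(ct).array());
    }

    // Decrypt; throws AEADBadTagException if the blob or the owner id was altered.
    static byte[] open(SecretKey kek, String stored, String owner) throws Exception {
        byte[] blob = Base64.getDecoder().decode(stored);
        Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
        c.init(Cipher.DECRYPT_MODE, kek, new GCMParameterSpec(TAG_BITS, blob, 0, IV_LEN));
        c.updateAAD(owner.getBytes(StandardCharsets.UTF_8));
        return c.doFinal(blob, IV_LEN, blob.length - IV_LEN);
    }

    // HMAC-SHA256 over the webhook body; this is why the secret must be recoverable.
    static byte[] hmac(byte[] secret, byte[] body) throws Exception {
        Mac mac = Mac.getInstance("HmacSHA256");
        mac.init(new SecretKeySpec(secret, "HmacSHA256"));
        return mac.doFinal(body);
    }

    public static void main(String[] args) throws Exception {
        KeyGenerator kg = KeyGenerator.getInstance("AES");
        kg.init(256);
        SecretKey kek = kg.generateKey(); // assumption: a real key is kept outside the database
        byte[] secret = "constructed-webhook-secret".getBytes(StandardCharsets.UTF_8);
        String stored = seal(kek, secret, "user-123");       // value that would be persisted
        byte[] body = "{\"event\":\"ping\"}".getBytes(StandardCharsets.UTF_8);
        byte[] sentSig = hmac(secret, body);                 // what the sender would attach
        byte[] recovered = open(kek, stored, "user-123");
        // Constant-time comparison of the expected and the received signature.
        System.out.println(MessageDigest.isEqual(hmac(recovered, body), sentSig));
    }
}
```

Whoever can read both the stored blob and the encryption key can recover the secret, so the key has to live somewhere other than the table holding the blobs.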

This is the plan, as I am also considering using HashiCorp Vault to store the credentials, but I am trying to evaluate and compare the two solutions.

1 Like

Keycloak is not for key/secret storage. Use Vault or something similar.

3 Likes