Presentation

Managing Keycloak client secrets with vault

A common practice to secure services is to use OAuth2. Keycloak is an open source implementation of OAuth’s authorization server and widely adopted technology across the IT industry. A delicate but important part of the OAuth setup is the distribution of sensitive client secrets to backend applications. In this talk I’ll show how we use our vault Keycloak plugin to distribute client secrets directly to an application running in nomad. You will learn how to avoid manual provisioning Keycloak client secrets in your application deployment. Therefore, mitigating the risk of exposing sensitive data.

A common practice to secure services is to use OAuth2. Keycloak is an open source implementation of OAuth’s authorization server and widely adopted technology across the IT industry. A delicate but important part of the OAuth setup is the distribution of sensitive client secrets to backend applications.

In this talk I’ll show how we use our vault Keycloak plugin to distribute client secrets directly to an application running in nomad.

You will learn how to avoid manual provisioning Keycloak client secrets in your application deployment. Therefore, mitigating the risk of exposing sensitive data.

More resources like this one