Managing Keycloak client secrets with vault
A common practice to secure services is to use OAuth2. Keycloak is an open source implementation of OAuth’s authorization server and widely adopted technology across the IT industry. A delicate but important part of the OAuth setup is the distribution of sensitive client secrets to backend applications. In this talk I’ll show how we use our vault Keycloak plugin to distribute client secrets directly to an application running in nomad. You will learn how to avoid manual provisioning Keycloak client secrets in your application deployment. Therefore, mitigating the risk of exposing sensitive data.
A common practice to secure services is to use OAuth2. Keycloak is an open source implementation of OAuth’s authorization server and widely adopted technology across the IT industry. A delicate but important part of the OAuth setup is the distribution of sensitive client secrets to backend applications.
In this talk I’ll show how we use our vault Keycloak plugin to distribute client secrets directly to an application running in nomad.
You will learn how to avoid manual provisioning Keycloak client secrets in your application deployment. Therefore, mitigating the risk of exposing sensitive data.
More resources like this one
2/3/2023 | Case StudyAutomating Multi-Cloud, Multi-Region Vault for Teams and Landing Zones
1/20/2023 | Case StudyAdopting GitOps and the Cloud in a Regulated Industry
12/31/2022 | PresentationPortable CD pipelines for Nomad with Vault and Dagger
12/31/2022 | PresentationSo My Credentials Have Been Leaked...Now What?
