Keeping OIDC client_secret out of git

Cantor, Scott cantor.2 at
Tue Jun 30 15:57:50 UTC 2020

On 6/30/20, 11:09 AM, "users on behalf of Darren Boss" <users-bounces at on behalf of darren.boss at> wrote:

> Is anyone doing something similar and come up with a solution?

The next plugin release is planning to support SAML metadata with a key-by-reference syntax that can pull the secrets from an external source. It's been prototyped with a REST sort of approach using the HTTP connector in the IdP.

Of course, the  *right* answer is public keys...

-- Scott

More information about the users mailing list