Credentials in the realms export data of keyCloak


As per my understanding, we can import or export realm data of Keycloak by specifying some Java opts on Keycloak startup.

Regarding data export, will the exported realm JSON data also have the credentials? If yes, then won't it cause security issues, as anyone can check the credentials by opening the exported JSON file?


Answer by dreamcrash:

Regarding data export, will the exported realm JSON data also have the credentials?

Yes, if you use the option -Dkeycloak.migration.action=export during Keycloak startup. However, from the Keycloak documentation:

Keycloak collects user credentials, such as password, OTP codes, and WebAuthn public keys. This information is encrypted and saved in a database, so it is not visible to Keycloak administrators. However, each type of credential can include non-confidential metadata that is visible to administrators such as the algorithm that is used to hash the password and the number of hash iterations used to hash the password.

The same applies to the JSON file: as long as the passwords are encrypted, it is fine.
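An added example, not part of the answer above or of Keycloak itself: a small Python check that reads a realm export and reports, per user credential, the non-confidential metadata the documentation mentions (type, algorithm, iteration count) and whether the stored value is an opaque hash rather than readable text. It assumes user credentials appear under users[].credentials[] with secretData and credentialData stored as JSON strings, and the sample export is constructed, with made-up hash and salt bytes.

```python
import base64
import json

# Constructed sample of the "users" part of a realm export. The credential
# layout (secretData / credentialData as JSON strings) is an assumption about
# the export format; the hash and salt bytes are made up, not real.
SAMPLE_EXPORT = json.dumps({"realm": "demo", "users": [{
    "username": "alice",
    "credentials": [{
        "type": "password",
        "secretData": json.dumps({
            "value": base64.b64encode(bytes(range(128, 192))).decode(),
            "salt": base64.b64encode(bytes(range(16))).decode()}),
        "credentialData": json.dumps({"hashIterations": 27500,
                                      "algorithm": "pbkdf2-sha256"}),
    }],
}]})

def _looks_hashed(value: str) -> bool:
    """Heuristic: a stored hash is base64 of raw binary, not readable text."""
    try:
        raw = base64.b64decode(value, validate=True)
    except ValueError:
        return False
    return len(raw) >= 16 and any(b < 32 or b > 126 for b in raw)

def summarize_credentials(export_json: str) -> list[dict]:
    """One record per exported user credential: the non-confidential metadata
    (type, algorithm, iterations) and whether the stored value is opaque."""
    records = []
    for user in json.loads(export_json).get("users", []):
        for cred in user.get("credentials", []):
            secret = json.loads(cred.get("secretData", "{}"))
            meta = json.loads(cred.get("credentialData", "{}"))
            records.append({
                "username": user.get("username"),
                "type": cred.get("type"),
                "algorithm": meta.get("algorithm"),
                "hashIterations": meta.get("hashIterations"),
                "salted": "salt" in secret,
                "opaque": _looks_hashed(secret.get("value", "")),
            })
    return records

def readable_secrets(export_json: str) -> list[str]:
    """Usernames whose credential value is not an opaque hash; a non-empty
    list means the export must not be handed out as-is."""
    return [r["username"] for r in summarize_credentials(export_json)
            if not r["opaque"]]
```

Run readable_secrets() on a real export before passing the file to anyone; the metadata in summarize_credentials() is what an administrator sees, the value itself stays an opaque hash.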