Sensitive configuration values (config secrets)
Sensitive configuration values, such as passwords, shared secrets, and alike can be stored in three different ways:
- Secure External Storage: stored in an external protected key store and not in the main configuration file (recommended). For details, see Storing sensitive configuration values externally
- Obfuscated: stored “scrambled” in the main configuration file. Tt can be recovered if known how, i.e., it is not encrypted in a secure way.
- Plain: stored in clear text in the main configuration file (
iam-config.yamlormedusa-configuration.xml)
