Reputation: 2372
I want to use Keycloak as an OpenID Connect implementation via Docker with a Postgres DB. I could not find a resource where it is documented whether Keycloak stores user data encrypted. Only passwords seem to be hashed. Postgres provides pgcrypto as a way to execute encryption and decryption at runtime. Is there a way to enable crypto for user data with Keycloak?
Upvotes: 2
Views: 2589
Reputation: 792
Keycloak provides an option called User Storage SPI:
https://www.keycloak.org/docs/latest/server_development/#_user-storage-spi
With this, you can build a bridge between Keycloak and your DB.
You will have the freedom to store your data in the DB as per your convenience, and when Keycloak invokes the User Storage SPI method, you will have to return data as per Keycloak's specifications.
Upvotes: 2
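One way the storage side of such a bridge could keep a field encrypted with the pgcrypto functions the question mentions, as an added example that is not from either poster or from Keycloak. The table, column, statement and key names are assumptions; a custom provider would bind the two keys as statement parameters and would not store them in the database.

```sql
-- Added example: hypothetical table owned by a custom User Storage SPI provider.
-- This is NOT Keycloak's own schema; all names below are assumptions.
CREATE EXTENSION IF NOT EXISTS pgcrypto;

CREATE TABLE ext_user (
    id        uuid  PRIMARY KEY DEFAULT gen_random_uuid(),
    username  text  NOT NULL UNIQUE,
    email_enc bytea NOT NULL,  -- OpenPGP symmetric ciphertext of the e-mail
    email_idx bytea NOT NULL   -- keyed HMAC of the e-mail, for exact-match lookup
);
CREATE INDEX ext_user_email_idx ON ext_user (email_idx);

-- $1 username, $2 e-mail, $3 encryption key, $4 separate index key.
-- pgp_sym_encrypt() is randomized, so the same e-mail encrypts differently
-- each time; the HMAC column is what makes "find by e-mail" possible.
PREPARE add_user(text, text, text, text) AS
INSERT INTO ext_user (username, email_enc, email_idx)
VALUES ($1,
        pgp_sym_encrypt($2, $3, 'cipher-algo=aes256'),
        hmac(lower($2), $4, 'sha256'));

-- $1 e-mail to look up, $2 encryption key, $3 index key.
PREPARE find_by_email(text, text, text) AS
SELECT id, username, pgp_sym_decrypt(email_enc, $2) AS email
FROM ext_user
WHERE email_idx = hmac(lower($1), $3, 'sha256');

-- Constructed sample values, for illustration only.
EXECUTE add_user('alice', 'alice@example.test',
                 'constructed-enc-key', 'constructed-idx-key');
EXECUTE find_by_email('Alice@Example.test',
                      'constructed-enc-key', 'constructed-idx-key');

-- What someone reading the table or a dump sees: ciphertext and a keyed hash.
SELECT username, email_enc, email_idx FROM ext_user;

-- A wrong key does not return garbage; pgp_sym_decrypt() raises an error,
-- so the provider has to handle that case when keys are rotated.
```

pgcrypto functions run inside the database server, so the keys and the plaintext travel from the provider to PostgreSQL with each statement: use TLS on that connection and check that statement logging does not capture the bound parameters.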