Obscure the client secret in the application screen
Problem
Auditors might be giving folks a hard time about client secrets being exposed in the admin UI.
Solution
The same way API keys are obscured, it'd be good to obscure the client secret in the admin UI. They should be available via clicking the secret (because there are times you need to be able to copy/paste them) but not fully visible by default.
Would need to do this both on the edit and view screen.
Please give us a thumbs up or thumbs down as a reaction to help us prioritize this feature. Feel free to comment if you have a particular need or comment on how this feature should work.
Obscure the client secret in the application screen
Problem
Auditors might be giving folks a hard time about client secrets being exposed in the admin UI.
Solution
The same way API keys are obscured, it'd be good to obscure the client secret in the admin UI. They should be available via clicking the secret (because there are times you need to be able to copy/paste them) but not fully visible by default.
Would need to do this both on the edit and view screen.
Alternatives/workarounds
Limit access to the application config screen.
Additional context
Came up on a customer call.
Community guidelines
All issues filed in this repository must abide by the FusionAuth community guidelines.
How to vote
Please give us a thumbs up or thumbs down as a reaction to help us prioritize this feature. Feel free to comment if you have a particular need or comment on how this feature should work.