Vishwas1
commented
4 years ago - Lookat all the flow from hs-auth-server to keycloak to hs-mobile app and see if there is any security issue there in the communication?
- One thing we can thing we can look into is : hs-auth-server can provide a certificate to keycloak and can become an certificate authority