You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Originally posted by debu999 February 2, 2022
While using Quarkus-OIDC it seems raw access token and id token is stored in browser cookies. Can that be encrypted to make it more secured. We usually are discouraged to have raw token exposed to the client or store in browser.
Is there anything to do to make a encryption decryption layer added to the cookie possibly a encryption key to be added to config to do encryption and decryption under the hood.
The text was updated successfully, but these errors were encountered:
Discussed in #23365
Originally posted by debu999 February 2, 2022
While using Quarkus-OIDC it seems raw access token and id token is stored in browser cookies. Can that be encrypted to make it more secured. We usually are discouraged to have raw token exposed to the client or store in browser.
Is there anything to do to make a encryption decryption layer added to the cookie possibly a encryption key to be added to config to do encryption and decryption under the hood.
The text was updated successfully, but these errors were encountered: