Quarkus-OIDC q_session_at and q_session encryption support for Browsers #23365
Replies: 1 comment 12 replies
-
|
/cc @pedroigor, @sberyozkin |
Beta Was this translation helpful? Give feedback.
-
|
Do I need to create a issue to track or it is not required. |
Beta Was this translation helpful? Give feedback.
-
Beta Was this translation helpful? Give feedback.
-
|
@sberyozkin thanks. Looking forward to it. You rock as always . Every day i become a bigger fan of quarkus and thanks to lot of efforts put by the team. It's clean and perfect. |
Beta Was this translation helpful? Give feedback.
-
|
@Debu999 Thanks, np at all, we are here to help, glad you are enjoying Quarkus |
Beta Was this translation helpful? Give feedback.
-
Beta Was this translation helpful? Give feedback.
Uh oh!
There was an error while loading. Please reload this page.
-
While using Quarkus-OIDC it seems raw access token and id token is stored in browser cookies. Can that be encrypted to make it more secured. We usually are discouraged to have raw token exposed to the client or store in browser.
Is there anything to do to make a encryption decryption layer added to the cookie possibly a encryption key to be added to config to do encryption and decryption under the hood.
Beta Was this translation helpful? Give feedback.
All reactions