[DOCU-2728] Update SSO docs re: passing secrets as environment variables Created: 24/May/23  Updated: 12/Jun/23  Resolved: 12/Jun/23

Status: Closed
Project: Documentation
Component/s: None
Affects Version/s: None
Fix Version/s: None

Type: Improvement Priority: Neutral
Reporter: Mikaël Geljić Assignee: Julie Legendre
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Relates
relates to MGNLSSO-265 Possibility to implement custom SsoCo... Closed
documentation
documents MGNLSSO-184 Property Expansion in magnolia-sso/co... Closed
Documentation page URL: https://docs.magnolia-cms.com/magnolia-sso/3.1.3/guides/hiding-the-client-credentials-from-the-configuration-file.html

 Description   
  • in SSO 2.x, config was provided as a YAML decorator. The !env directive was not supported there. The docs mentioned a workaround to use a template file, and post-process it with the envsubst command, resulting in secrets stored in plain text, as you noted.
  • in SSO 3.x (since 3.0.1 actually), we now load config through a specific "yaml bridge", and we do support the !env directive there. So there shouldn't be any secrets in plain text anymore. We just realized that we forgot to update documentation for this. Let me file a ticket.

Generated at Mon Feb 12 01:29:44 CET 2024 using Jira 9.4.2#940002-sha1:46d1a51de284217efdcb32434eab47a99af2938b.