This is a contributors guide and NOT a user guide. Please visit these docs if you are using or evaluating SuperTokens.
This is just a proposal so far, it hasn't been accepted and needs further discussion.
Some other providers let you see the client secret multiple times.
- Only store the hash and not support viewing it later
- Store the secrets as plaintext
- Store the secrets encrypted
- Store a prefix of the secret
Chosen option: Only store the hash and not support viewing it later
- Simple & Secure
- We don't really have anything we can securely use to encrypt these secrets