shreemaan-abhishek commented on code in PR #10291: URL: https://github.com/apache/apisix/pull/10291#discussion_r1359200769
########## docs/en/latest/plugins/authz-keycloak.md: ########## @@ -48,7 +48,7 @@ Refer to [Authorization Services Guide](https://www.keycloak.org/docs/latest/aut | token_endpoint | string | False | | https://host.domain/auth/realms/foo/protocol/openid-connect/token | An OAuth2-compliant token endpoint that supports the `urn:ietf:params:oauth:grant-type:uma-ticket` grant type. If provided, overrides the value from discovery. | | resource_registration_endpoint | string | False | | https://host.domain/auth/realms/foo/authz/protection/resource_set | A UMA-compliant resource registration endpoint. If provided, overrides the value from discovery. | | client_id | string | True | | | The identifier of the resource server to which the client is seeking access. | -| client_secret | string | False | | | The client secret, if required. | +| client_secret | string | False | | | The client secret, if required. You can use APISIX secret to store and reference this value. APISIX currently supports storing secrets in two ways. [Environment Variables](#use-environment-variables-to-manage-secrets) and [HashiCorp Vault](#use-vault-to-manage-secrets) | Review Comment: Does this PR introduce support to use env vars for accessing secrets? If yes, please add tests as well. Regarding the docs, it would be nice to have an example like this: (existing example that uses hard-coded value for secrets) You can also set secrets using the secret resource to avoid having sensitive information in plain text <-- add this line (add a basic configuration here) See (add link to secrets.md documentation) for more information. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
