Layer7 API Management

  • Private Community

  • 1.  Encryption of OAuth's data

    Posted Jul 28, 2016 04:39 AM

    Hi,

     

    We want to encrypt the data(Token, client secret, key, and so on) which related to OAuth, and store the encrypted data to database(MySQL).

    Though MySQL has some Encryption Functions,  can API Gateway encrypt and store OAuth's data to database?

    If API Gateway has any way to encrypt OAuth's data, please let us know it.

     

     

    Thanks,

    Itai



  • 2.  Re: Encryption of OAuth's data

    Broadcom Employee
    Posted Jul 29, 2016 04:50 PM

    Hi Itai,

     

    As I am aware, we do not currently support encrypting/decrypting the tokens, secret, etc. in the database. However, there is an internal development incident open regarding this feature. I would recommend posting an idea around this to get some visibility.

     

    Regards,

    Joe



  • 3.  Re: Encryption of OAuth's data

    Posted Aug 02, 2016 04:14 AM

    Thanks dasjo02,

     

    I understood that API Gateway doesn't support encrypting/decrypting OAuth's data in the database.

    I think to post an idea about this feature soon.

     

    BTW, though Oracle Database and MySQL 5.7 Enterprise Edition supports Transparent Data Encryption(TDE), can API Gateway connect to Database which used TDE?



  • 4.  Re: Encryption of OAuth's data
    Best Answer

    Broadcom Employee
    Posted Aug 02, 2016 04:28 PM

    NTTAT

    It does not look like we officially support database encryption at the moment.