Sensitive configuration data can now be stored securely using the configurable Secret Provider in OpenCms, with AES encryption for enhanced protection.
Secure sensitive data with the OpenCms Secret Provider
The OpenCms Secret Provider enables secure handling of sensitive information such as API keys, passwords, and access tokens. These secrets can be accessed by templates or OpenCms modules, for example when integrating external systems.
Secrets are managed as key-value pairs in a dedicated file on the server’s real file system, providing a clear structure and straightforward administration. For security-critical environments, values can be protected using strong AES encryption, ensuring that confidential data is not exposed in plain text.
This approach provides a reliable and flexible solution for handling sensitive configuration data in OpenCms while significantly improving overall security.