Save credentials for external data OAuth2 in db?

Hi there,

i have a project here wich uses dbAuth to authorize users.
There is the need now to integrate external data. in order to query this data, the user needs to be authenticated too by OAuth2.0 (different to the web login).

so a scenario would be: a user logs in to the redoodjs plattform using login / pw provided by the plattform. Then he wants to integrate external data (for example a map service using OAuth2.0) therefore he / she adds Request URL, Token URL Secret, client ID etc. in an interface and can now use the data.

The problem is, that i dont find a good way to store these credentials. Ideally each user adds his Authentication Methods to the db wich can then be used whenever needed. BUT that would mean storing the secrets in plaintext on the db - wich does not sound like a good idea.

Is there any way to store the credentials in the db without beeing cleartext? Or is the whole concept wrong (one could also say its not possible to store the credentials, each time the client wants to use the external data credentials must be typed in)

If there is any opinion on this topic i would be glad to hear!!

Thanks a lot!

One thing you could do is encrypt the creds using the user’s password as the encryption key. You would ask them to provide their password when saving new credentials, as well as every time they want to use those credentials.