For added security, a new feature is introduced with K2 Cloud Update 17 to handle sensitive information for OAuth resources. OAuth resource configuration often contains highly sensitive information, such as a client_secret, which is a security threat if the value is compromised. To protect these sensitive values, a new option is now available in the OAuth Resource Type Parameter configuration in K2 Management called Store Encrypted Value.
When you select this option for a parameter on the resource type, all values associated with this parameter are encrypted in the K2 database and masked (hidden) with dots in the user interface. When typing new values into the fields on the configuration screen, the values display in clear text, and when you save it, dots replace the values in all user interfaces. The encryption and masking of the values have no impact on using the OAuth resource. OAuth flows still use the values as before in an unencrypted way. The option only affects how it is stored in the database and how it is shown in user interfaces.
When the option is selected, it applies to the following values:
In K2 Cloud Update 17, this feature is selected by default on the resource types and parameters listed below, and values are automatically encrypted.
When you create new OAuth resource types after the upgrade to K2 Cloud Update 17, ensure to select this option if you require the parameter to be encrypted.