VaultProvider (Keycloak Docs Distribution 21.1.2 API)

All Superinterfaces:

Provider

All Known Implementing Classes:

AbstractVaultProvider, FilesPlainTextVaultProvider
```
public interface VaultProvider
extends Provider
```
Provider interface for a vault. The only purpose of a vault is retrieval of secrets.

- Method Summary
  
  All Methods Instance Methods Abstract Methods
  Modifier and Type Method Description
  
  VaultRawSecret obtainSecret(String vaultSecretId)
  Retrieves a secret from vault.
  - Methods inherited from interface org.keycloak.provider.Provider
    close

- Method Detail
  - obtainSecret
```
VaultRawSecret obtainSecret(String vaultSecretId)
```
    Retrieves a secret from vault. The implementation should respect at least the realm ID to separate the secrets within the vault. If the secret is retrieved successfully, it is returned; otherwise this method results into an empty VaultRawSecret.get(). This method is intended to be used within a try-with-resources block so that the secret is destroyed immediately after use. Note that it is responsibility of the implementor to provide a way to destroy the secret in the returned VaultRawSecret.close() method.
    
    Parameters:
    
    vaultSecretId - Identifier of the secret. It corresponds to the value entered by user in the respective configuration, which in turn is obtained from the vault when storing the secret.
    
    Returns:
    
    Always a non-null value with the raw secret. Within the returned value, the secret or null is stored in the VaultRawSecret.get() return value if the secret was successfully resolved, or an empty Optional if the secret has not been found in the vault.