Unhashing password credentials

I have an application that stores credentials and tokens for our customers. The idea is to have a recurring job that takes these credentials and make external API calls that require Oauth tokens to do so.

As I have understood the Credentials feature is a oneway hash and you can’t unhash the password to get it in plain text after you have hashed it, correct?

If the above tis true, how does one go about to store sensitive information in Fauna if I also have the need to get that data in plain text later? Do have have to encrypt it with a key on my end before I store it in my FaunaDB and when I read it I decrypt it?

Hi @Donny_Ho and welcome! I am sorry that it took so long to get to your question.

That is correct. Fauna does not store plain text passwords when using our built in authentication (Credentials feature).

That would be our recommendation: encrypt information in your application before storing in Fauna, then decrypt in your application once you read it back.

Yeah I figured that was the way to go, thanks :slight_smile:

1 Like

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.