Need Pega to be able to mask & encrypt passwords in Pega’s Oath Authentication not only at the screen level but encrypt everywhere else such as the tracer level as well. This is a security issue.
This is the concern: Unlike the client secret that is masked and encrypted, the password credentials are not when we use the Grant Type = Password Credentials.
Without this, developers have access to our credentials.
***Edited by Moderator Marissa to change Content Type from Question to Discussion; added Idea tag***