I'm using Spring Authorization Server for controlling access to services/resources and I have a list of client registrations configured in the application properties. I understand that the application properties are persisted in memory and will require redeployment if the properties are changed. I'm trying to figure out if there is a way to make client registrations persisted on a database and be able to add new clients without causing downtime.
I'm aware this is something to do with ClientRegistrationRepository but this was written for Spring Security 5 and now that we have a dedicated battery project (Spring Authorization Server) as a part of Spring Security 6, I would like to know if there is a better way to persist in a database for multiple client registrations and be able to dynamically add new clients without issuing any downtime. Thanks
As mentioned in comments, you can use JdbcRegisteredClientRepository (see docs). Simply register it as a bean using the provided schema (see table definition mentioned in javadoc), and your persisted clients are available without downtime.
Also see the sample config which demonstrates this.