Ryan Baxter

See https://github.com/spring-projects/spring-boot/issues/25766 https://github.com/spring-projects/spring-boot/commit/5774ea3f0c81de9776fc06cfbcb7c7d055f26333

The config server looks for something in the backend named `application` all properties within this store is served to all microservices. For example with Vault you could do ``` vault...

I am not sure I am understanding the problem.... It seems like if you structured your secrets like this: ``` /configserver/application/ ``` And placed all common secrets under there all...

This can be accomplished with ``` /configserver/application serviceCApiPassword=mypassword ``` Both ServiceA and ServiceB will get `serviceCApiPassword` when fetching their configuration from the config server

Ok so what you really want is a list of applications allowed or a list of applications not allowed? that seems like a much simpler way to accomplish what you...

Got it. I could imagine something on the config server that specify which application names will get the common configuration properties from `application`. We could also offer a property the...

Huh I didnt even know about that. Would you be interested in adding some docs on this?

I would say here https://github.com/spring-cloud/spring-cloud-config/blob/4.0.x/docs/src/main/asciidoc/spring-cloud-config.adoc#vault-backend

The commercial offer of Spring Cloud, Spring Cloud Services, uses OAuth2 to authorize the client to use the config server. You can find the code for how they do that...

I am not saying you need to port exactly what spring-cloud-services did I am just showing that it is possible to authorize the client before the request to the server...