I use Kong gateway (DB-less mode) and building a custom plugin.
Rather than storing OAuth2 credentials in plugin config, is it possible to store credentials in structure like basicauth_credentials (existing or build a custom one)?
xxx_credentials:
Hi @Tim_Yau, you should be able to achieve that by creating a custom entity, you can ignore the migration steps if you are only interested in running this dbless. You can then select your custom entities from the plugin’s code using for example: local e = kong.db.<your_entity>:select_by_<field>(<value>), similarly to how basicauth_credentials are loaded.
I hope that helps.
Hello
In Kong Gateway’s db-less mode, storing OAuth2 credentials directly in a custom plugin configuration isn’t advisable for security reasons. Instead, use Kong’s built-in OAuth2 plugin to manage credentials securely. Store OAuth2 credentials like client_id and client_secret in Kong’s consumers and oauth2_credentials entities. This approach ensures proper security and alignment with Kong’s capabilities for OAuth2 credential management.
Thank you 
boblewis