Hi @sha256, thanks for the question. I assume you are talking about client_secret from the auth0_client resource output. I understand your concern. Unfortunately, I don’t think there is a way around this unless you use private_key_jwt or remove the read:client_keys scope from the M2M app used by the Terraform client. I’ll investigate this further and get back to you if there is another way around this.
In the meantime you can find more info here: Terraform Registry