Problem

The deployment/userauth page doesn't correctly reflect the status of CODER_OIDC_CLIENT_SECRET. While the client ID is displayed when populated, the client secret field appears empty even when configured, which could mislead users into thinking their OIDC setup is incomplete.

Expected Behavior

The UI should indicate when the client secret is populated (without revealing the actual value), similar to how other secret fields are typically handled.

Current Behavior

• Client ID is correctly displayed when populated
• Client secret field appears empty even when configured
• API correctly returns "secret": "true" for the client secret field
• Users may waste time troubleshooting what appears to be missing configuration

Impact

Customers setting up their first Coder instance may be confused and spend unnecessary time troubleshooting OIDC configuration that is actually working correctly.

Environment

• Coder version: v2.24.2+0ead64f
• Page: /deployment/userauth

Additional Context

This was observed during initial setup and could be a common source of confusion for new users configuring OIDC authentication.