Docs list the database encrypted fields as:

The following database fields are currently encrypted:

user_links.oauth_access_token
user_links.oauth_refresh_token
external_auth_links.oauth_access_token
external_auth_links.oauth_refresh_token

This is out of date, since we now encrypt JWT keys.