diff --git a/feeds/ucentral/uspot/files/usr/share/uspot/handler-uam.uc b/feeds/ucentral/uspot/files/usr/share/uspot/handler-uam.uc
index 4a0d1df55..56e77c74c 100644
--- a/feeds/ucentral/uspot/files/usr/share/uspot/handler-uam.uc
+++ b/feeds/ucentral/uspot/files/usr/share/uspot/handler-uam.uc
@@ -32,6 +32,9 @@ function auth_client(ctx) {
 	if (radius['access-accept']) {
 		if (ctx.config.final_redirect_url == 'uam')
 			ctx.query_string.userurl = portal.uam_url(ctx, 'success');
+
+		delete payload.server;
+		delete payload.acct_server;	// don't publish server secrets
 		portal.allow_client(ctx, { radius: { reply: radius.reply, request: payload } } );
 
 		payload = portal.radius_init(ctx);
diff --git a/feeds/ucentral/uspot/files/usr/share/uspot/handler.uc b/feeds/ucentral/uspot/files/usr/share/uspot/handler.uc
index f2c90de46..2902bc5ad 100644
--- a/feeds/ucentral/uspot/files/usr/share/uspot/handler.uc
+++ b/feeds/ucentral/uspot/files/usr/share/uspot/handler.uc
@@ -29,6 +29,8 @@ function request_start(ctx) {
 			if (radius['access-accept']) {
 				if (ctx.config.final_redirect_url == 'uam')
 					ctx.query_string.userurl = portal.uam_url(ctx, 'success');
+				delete payload.server;
+				delete payload.acct_server;	// don't publish radius secrets
 				portal.allow_client(ctx, { radius: { reply: radius.reply, request: payload } } );
 				return;
 			}
@@ -118,6 +120,8 @@ function request_radius(ctx) {
 
         let radius = portal.radius_call(ctx, payload);
 	if (radius['access-accept']) {
+		delete payload.server;
+		delete payload.acct_server;	// don't publish radius secrets
                 portal.allow_client(ctx, { username: ctx.form_data.username, radius: { reply: radius.reply, request: payload } } );
                 return;
         }