diff --git a/workspace-server/internal/handlers/channels.go b/workspace-server/internal/handlers/channels.go
index 6d9008bf5..e27a93be6 100644
--- a/workspace-server/internal/handlers/channels.go
+++ b/workspace-server/internal/handlers/channels.go
@@ -149,15 +149,6 @@ func (h *ChannelHandler) Create(c *gin.Context) {
 		return
 	}
 
-	// #319: encrypt sensitive fields (bot_token, webhook_secret) before
-	// persisting so a DB read/backup leak can't recover the credentials.
-	// Validation above ran against plaintext; storage is ciphertext.
-	if err := channels.EncryptSensitiveFields(body.Config); err != nil {
-		log.Printf("Channels: encrypt config failed for workspace %s: %v", workspaceID, err)
-		c.JSON(http.StatusInternalServerError, gin.H{"error": "encrypt failed"})
-		return
-	}
-
 	configJSON, _ := json.Marshal(body.Config)
 	allowedJSON, _ := json.Marshal(body.AllowedUsers)
 	enabled := true