Hi guys o7
First off, the app i decided to make is by far the most difficult thing i ever attempted, so please be gentle.
As far as i understand the SSO auth flow, after trading my auth token for access and refresh token (so to say), i got to store them somehow, right? So the next time i start my app i don’t have to go through the thing again and can simply refresh the access token with the refresh token (which never expires, right?)
Otherwise i’d have to sign on every single time i start the app…
So the question;
How do i store these keys? Do i have to make them unreadable somehow or encrypt them?
Or does it not matter if they got stolen?
Im working with Windows/C# and was going to share my app/the code with anyone who wants btw.