I'm making calls to a Web API using a xamarin mobile app and I was wondering when receiving my authorization bearer token could I not simply store it in the xamarin.auth account store along with the user's credentials? I figured this would be a better place than say a global variable in the app. Looking for feedback and any better options. Thanks!
Asked
Active
Viewed 597 times
0
-
Use Settings plugin to store : https://github.com/jamesmontemagno/SettingsPlugin – Himanshu Dwivedi May 19 '17 at 12:49
2 Answers
0
In my opinion there is nothing wrong with using the account store for storing an access token (using the account properties dictionary). I did it myself on one app where I didn't have any other data to persist, so didn't have a custom data access layer.
App Pack
- 1,512
- 10
- 9
0
Access tokens should not be stored. Refresh tokens are OK, but Access not. From security point of view.
moljac
- 946
- 9
- 12