I have created a Miro app and what pretty much does is that it creates Microsoft To Do Items from Miro Cards using the Graph API and specifically several Microsoft To Do Endpoints in there.
My app makes use of both the Miro REST API and the Graph REST API by Microsoft. For both I need a client secret, a refresh token and an auth token to authenticate against these apis. My plan is to use service account on the Microsoft side and another service account on the Miro side (Or actually user accounts).
Since the app is built using React and Typescript (As done in one of Miro´s tutorials) I have different options to store Auth Data. I of course don´t want to do that in plain text inside my application. How should I approach this? Should I use a database or a .env file?
I am happy about any suggestions and answers. :)
The idea of your app sounds great! While we do not have specific recommendations around this, we do recommend that developers choose what best fits their use cases from the wide variety of storage options available, such as having your own backend, .env files, and so on. There are industry standards to persist PII and auth data, which might also help you. Having said that, here are some resources that might come handy and help you choose what’s best for your use case:
We hope this helps! Happy coding!
thank you for the help! I guess I will look into both solutions. The Redis example for the backend looks interesting and more secure than the frontend solutions. But since I don´t really have a backend I have to store the data somewhere inside the Miro App built in React.
You’re welcome! Do let us know any time you need any assistance.