I have created a Miro app and what pretty much does is that it creates Microsoft To Do Items from Miro Cards using the Graph API and specifically several Microsoft To Do Endpoints in there.
My app makes use of both the Miro REST API and the Graph REST API by Microsoft. For both I need a client secret, a refresh token and an auth token to authenticate against these apis. My plan is to use service account on the Microsoft side and another service account on the Miro side (Or actually user accounts).
Since the app is built using React and Typescript (As done in one of Miro´s tutorials) I have different options to store Auth Data. I of course don´t want to do that in plain text inside my application. How should I approach this? Should I use a database or a .env file?
I am happy about any suggestions and answers. :)