Regarding Storage of Client_secret, access_token and refresh_token
Hi Team, I wanted to understand how client_secret, access_token and refresh_token are being stored at amazon. Appreciate, if you can provide a detailed explanation on the storage of these parameters. Thanks. Regards, Akhilesh
Akhilesh, your question may not be being answered because it may not be clear exactly what the question is? Or more importantly, why it is being asked, and in what context. From a functional standpoint it shouldn't matter how these tokens are being stored at Amazon, your app would work the same in any case. From a "hackability" standpoint however, it could matter if these values were stored haphazardly in an unsecure fashion. Since these are intended as security tokens, the assumption should be that they are stored in a highly secure fashion. Perhaps if you explained the problem you are having, and why you think storage of these tokens might be an issue for you, somebody could provide the necessary insights to assist you. -Robert
Hi Robert, Actually I am building a particular skill of one of my client and he had concerns as to how Amazon is storing the tokens and client secret key on their end. If you guys can elaborate on their storage and specification that would be helpful. Regards, Akhilesh
Hi Akhilesh, Thanks for posting! As Robert mentioned already, you should not concern yourself with how Amazon stores tokens internally. I hope you understand that it is private implementation and is not supposed to be disclosed. If you have specific development questions, please let us know. Thanks!