I want to store the least amount of data server-side.
Is it safe to store user tokens and secrets client-side?
Can those keys do anything on their own (without the application consumer key and secret)?
