Need to make sure that users of our app are safe from having their access token stolen. Where/how is the token stored in the TwitterKit Unity SDK? I’ve tried googling around and briefly looking through the source but I didn’t see anything obvious.
There is no way to fully secure an access token. A determined individual could reverse-engineer almost any .NET app.
But to answer your question, the token is stored in an asset file in your app’s Assets/Twitter/Scripts/Resources/ directory.
Thanks for the response. Is there any due diligence I should be doing in regards to the access token or is the default implementation fine for most cases?
The default implementation should be fine for most cases.