Pluggable credential persistence. The default is an in-memory store scoped to
the provider instance. Browser adapters (sessionStorageCredentialStore,
localStorageCredentialStore) are explicit opt-in because Web Storage is
readable by any script on the origin (XSS exfiltration risk) — see
docs/auth.md.
Keys are namespaced per origin/service by the provider so tokens for one
service are never returned for another.
Pluggable credential persistence. The default is an in-memory store scoped to the provider instance. Browser adapters (
sessionStorageCredentialStore,localStorageCredentialStore) are explicit opt-in because Web Storage is readable by any script on the origin (XSS exfiltration risk) — seedocs/auth.md.Keys are namespaced per origin/service by the provider so tokens for one service are never returned for another.