I am creating an IHostedService by implementing the BackgroundService interface for a service that will run on an IIS server. This service is going to call other api endpoints that have various authentication and authorization schemes. One in particular requires using OAuth Authentication Code.
I need some advice on how to manage the authentication and refresh tokens for this service. Since this service will be running in the background and not having user interaction, i will have to seed the authentication and refresh tokens and my plan is to store these in an Azure KeyVault. The background service will then manage updating the tokens and storing them in Key Vault when they become expired. So, two main questions:
1. Does this approach of storing the authentication and refresh tokens in Key Vault seem like a feasible and secure approach?
2. Since this one API needs human interaction to get the initial authentication and refresh tokens, are there any suggestions on how to seed this information in Key Vault?
Any suggestions are very much welcome. Thanks in advance for your assistance.