I would like to add Jira integration to my C# application. Using the REST api is straightforward enough, and I've done that before in a web application where I controlled the server. However, I would like to do something similar in a desktop application.
What concerns me is that I don't see how I can secure the Jira login credentials in the deployed application. The API supports basic auth, requiring a plaintext username and password, or it supports using an Auth token, but that's also essentially just a plain-text password. I could encrypt those values, and decrypt them at runtime, but an attacker could just as easily decrypt the values.
Is there a recommended approach to supporting API access in a deployed desktop application where you can't trust all users of the application? (That is, this isn't an intra-net application within a single company.)
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.