Update info about extension local storage and tokens (#16390)

Signed-off-by: Guillaume Tardif <guillaume.tardif@gmail.com> Signed-off-by: Guillaume Tardif <guillaume.tardif@gmail.com>
2022-12-21 14:09:03 +01:00 · 2022-12-21 14:09:03 +01:00 · ebf7272b2d
parent 651ac1aac2
commit ebf7272b2d
1 changed files with 7 additions and 6 deletions
--- a/desktop/extensions-sdk/guides/oauth2-flow.md
+++ b/desktop/extensions-sdk/guides/oauth2-flow.md
@ -102,14 +102,15 @@ Finally, you can read the access token from the HTTP response and pass it to the

 ## Step three: Store the access token

-The Docker Extensions SDK does not currently provide a mechanism to safely store secrets.

-It is highly recommended that you use an external source of storage to store the access token.
+The Docker Extensions SDK doesn't currently provide a specific mechanism to store secrets.

-> Warning
+It's highly recommended that you use an external source of storage to store the access token.
+
+> Note
 >
-> Storing the access token in a client's localStorage is a security risk as that storage is currently shared amongst all extensions.
-{: .warning}
+> The user interface Local Storage is isolated between extensions (an extension can't access another extension's local storage), and each extension's local storage gets deleted when users uninstall an extension.
+
+## What's next

-## What's next 
 Learn how to [publish and distribute your extension](../extensions/index.md)