I have a serverless custom app installed in one product (Freshcaller) and it needs to hit another product’s API.
To authenticate this, we are going for JWT. It is a runtime generated JWT token so we need to store the secret somewhere within the custom app.
Is the custom app secure enough to store JWT secret? And if yes, where could I possibly store it?