What's the best practice for authorization in the plugin and auth tokens/data storage?

amal.samally · April 8, 2025, 9:44am

For the IDEA plugin with authorization, what would be the best way of storing the authorization tokens and account data?

If using the recommended approach from Persisting Sensitive Data the user on macOS has a system request everytime and the UX is far from ideal. If users choose to deny request - the functionality will be broken with no restoration possibility.

Are there any recommendations?

yann.cebron · April 8, 2025, 2:42pm

a system request everytime

IIRC there’s option to grant access “forever” in the dialog

amal.samally · April 9, 2025, 10:42am

And some users don’t use it, which leads to awful UX. Others occasionally (or on purpose) hit deny request - the functionality will be broken with no restoration possibility.

Users don’t understand the reason for this request, and developers can’t get the state (allowed/allowed forever/denied).

So, any better solutions?

Topic		Replies	Views
What is the recommended way to securely store an entitlement key (.jar/.zip) in an IntelliJ plugin? IntelliJ Platform plugin-development	0	21	April 17, 2025
How can sensitive plugin data be securely stored in IntelliJ? IntelliJ Platform plugin-development	2	12	April 24, 2025
Group keyring access for all IDEs from JetBrains familly IntelliJ Platform	0	25	March 19, 2025
"IntelliJ IDEA Open API and Plugin Development Is Deprecated"? Site Feedback	1	34	April 4, 2025
Is there an IntelliJ-Recommended Way to Enforce Explicit License Acceptance in Free Plugins? IntelliJ Platform	1	41	April 26, 2025

What's the best practice for authorization in the plugin and auth tokens/data storage?

Related topics