Are there any best practices for creating ArcGISPortal objects in C#/.NET in scenarios where the code needs to run independently without user input?
In this scenario, I am developing a console app that will be called by Task Scheduler, so a user will not be present to input their username and password to establish the connection to ArcGIS Online. It boils down to these two lines of code.
TokenCredential userCredentials = await AuthenticationManager.Current.GenerateCredentialAsync(serviceUri, username, password);
Then the token credential is passed to the method that creates the portal object.
portal = await ArcGISPortal.CreateAsync(new Uri(ServiceUrl), userCredentials);
In order to make this approach work in our scenario I would have to include the username and password in the source code. It could be obfuscated through encrypting/decrypting methods, or stored in settings, but neither of those approaches are secure.
In arcpy a script can leverage the active portal on the host machine. I believe it simply uses the last portal that ArcGIS Pro loggged into. This approach has worked well for us with scripts that are called by Task Scheduler. But in this case we aren't using arcpy. Is there a way with the C# .NET ArcGIS runtime to use an active portal? If not, what is the best practice in this scenario to keep user credential confidential?