Best Practices for REST Shared Secret Value

I am using a REST API that uses oauth for authentication. When registering for the service I was given my API Consumer Key and my API Shared Secret. I've been simply hardcoding the Shared Secret into my Appl开发者_如何学Goication code and compiling it.

Is this the best way to manage a Shared Secret? That is, are there any security implications? Should this be encrypted in some way? What are the best practices for managing this Shared Secret?

It depends a bit on where your code is running.

In your case a hacker would need to steal your dll, and read the key from the dll.

This is better than storing the key in a configuration file in plain text.

You could store the key ecrypted in a database, with the information about how to decrypt it in your dll. That way a hacker would have to both steal your dll and information from your database.