Storing third-party website API secret on the twitch configuration service

I’m currently in the process of making a twitch extension. This particular twitch extension would take the inputted player-specific secret API code from another website on the extension and then use it to access the websites player-specific data through GraphQL to then display on the extension. My question is, is it safe to store the inputted player-specific API code on the twitch configuration service, or do I need to set up an EBS?

To re-iterate, the only thing that would be stored on the EBS would be the third-party API code which would then be used to make queries to the website.

All data on the Twitch Configuration service is public, as it is not designed to be a private data store and does not have any sort of access control that would prevent malicious users. So no, it’s not safe to store things such as API keys/tokens.

Thank you for the response, so to re-iterate, any data (even just a single line-token) inputted into the twitch extension configuration tab and stored through the callback function to the twitch configuration service is vulnerable to malicious users?

Yes, it is public storage not secure storage