@AliveDevil created the issue

Current Windows Credential Manager implementation splits OAuth Access and Refresh Token into two separate entries in Windows Credential Manager - this should ideally be one single entry.

Windows Credential Manager limits passwords to be max size of CRED_MAX_CREDENTIAL_BLOB_SIZE (512) bytes - this is problematic as AAD OAuth tokens easily exceed 512 Bytes.

Leverage use of CredentialAttribute which allows page sizes of CRED_MAX_VALUE_SIZE (256) bytes, with up to CRED_MAX_ATTRIBUTES (64) pages - this would allow storing 16 KiB of data in a Windows Credential Manager-entry - resulting in one entry per OAuth Access/Refresh-Token. Additional metadata can be stored as well (token expiry) as this is currently not handled correctly.

For this to work we rely on the CSWin32- and Win32Metadata-projects to leave Preview (Win32Metadata) and Beta (CSWin32) state and release a stable build.