App authentication workflow

Hello!

I'm building an app to help agents write good answers (an support app).

I'm not sure how the authorization workflow looks like for my solution. I have two components:

1. During installation I need a refresh token/api key to migrate data daily

2. During usage (support/ticket_editor) I just need to use ZAF to get current ticket (this I have working)

I need a help with components 1.

As far I understand I need to:

1. Get global oauth client

2. Somehow get refresh token/api key during app installation ← I couldn't find materials covering this part

3. Store it somewhere and use when needed

Thanks for any advices how to solve this :)