Yes, the keychain is the right place to store the token since it will be encrypted.
I tried the exact same thing you did with Podio and JNKeychain and for me it did work. Which version of PodioKit and JNKeychain are you using? it seems the the unarchiving fails to restore those property values in your case.
PKOAuth2Token *token = [[PKOAuth2Token alloc] initWithAccessToken:@"access1234"
refreshToken:@"refresh1234"
transferToken:@"transfer1234"
expiresOn:[NSDate dateWithTimeIntervalSinceNow:3600]
refData:@{@"ref": @"somedata"}];
// Test archiving
NSData *data = [NSKeyedArchiver archivedDataWithRootObject:token];
PKOAuth2Token *archivedToken = [NSKeyedUnarchiver unarchiveObjectWithData:data];
NSLog(@"Restored access token from archive %@", archivedToken.accessToken);
// Test keychain
NSString *keychainKey = @"AuthToken";
[JNKeychain saveValue:token forKey:keychainKey];
PKOAuth2Token *keychainToken = [JNKeychain loadValueForKey:keychainKey];
NSLog(@"Restored access token from keychain: %@", keychainToken.accessToken);
The above prints:
2014-01-23 21:07:22.719 App[17202:70b] Restored access token from archive access1234
2014-01-23 21:07:22.723 App[17202:70b] Restored access token from keychain: access1234
You could always try an alternative keychain wrapper library, like FXKeychain.