A native application is a public client installed and executed on the device used by the resource owner (ie end user).
Protocol data and credentials are accessible to the resource owner.
It is assumed that any client authentication credentials included in the application can be extracted.
On the other hand, dynamically issued credentials such as access tokens or refresh tokens can receive an acceptable level of protection.
At a minimum, these credentials are protected from hostile servers with which the application may interact. On some platforms, these credentials might be protected from other applications residing on the same device.