If the additional information to add is always in respect to the user that completed the logged in and this information is directly manageable by end-users then you could store it as part of user_metadata. As I mentioned before, most scopes for Management API cannot be obtained in an end-user flow, however, it’s possible to obtain some scopes that allow operation to be performed in a single user (the one that logged in).
One of those operations would be updating user_metadata; there’s reference information on how to obtain such access token at (Get Management API Access Tokens for Single-Page Applications). This page is associated with SPA’s, but native applications are also OAuth 2.0 public clients like SPA’s so the same would apply to them.