XamarinT2 Light_1200x303
In Xamarin Essentials, Secure Storage allows you to save sensitive data, like a password. We’ll look at the keychain and keystore of each specific platform.

This time we will be learning about Secure Storage using one of the great APIs that Xamarin.Essentials brings to us.

Imagine for example the user wants to save their password in an application so they don’t have to type it in every time they open the app. This type of information is sensitive and should be treated with greater security. How would we securely store this highly important and sensitive data in our applications? πŸ€”

Secure Storage comes in when you need save certain data such as an oauth_token or as the password in the above example. In addition, we’re using the keychain and keystore of each specific platform. Let’s learn how to use it! πŸ’ͺ🏼

Preferences

You probably already know about Preferences, which are very useful when you want to save non-private information—something like, Do you want the device to remember your email? / Yes. πŸ•΅‍β™‚

But you will surely be wondering, Can we use Preferences? Don’t they cover similar topics? And certainly the answer is yes, they are very similar topics—but don’t get confused between Preferences and Security Storage. There are key differences as you can see in the table below:

 Description = Encrypted data  is supported in Security Storage but not in Preferences; Preferences are better to include non-sensitive values; Security Storage are better to include sensitive values; Security Storage receives value of any data type

πŸ”§ Platform Settings

πŸ“’ On iOS: (This configuration is only necessary if you are developing in a simulator, otherwise it must be removed.)

  • Enable the Keychain entitlement, then add keychain access group for the application’s bundle identifier.
  • In your Entitlements.plist enable the Keychain.
  • In the project properties under iOS Bundle Signing, set the Custom Entitlements to Entitlements.plist.

πŸ“— On Android:

First option—enable or disable backup: If you want to disable the full backup of your application, go to your AndroidManifest.xml and in your application tags set android:allowBackup to false.

<manifest ... >
  <application android:allowBackup="false" ... >
  </application>
</manifest>

Second option—selective backup: Or you can configure Automatic Backup to disable backup of specific content from backing up. (Also you can create a custom rule set to exclude SecureStore items from being backed up.)

  1. In your AndroidManifest.xml set the android:fullBackupContent attribute:
<application android:fullBackupContent="@xml/auto_bk_rules">
</application>
  1. In the Resources/xml directory, create an XML file: In this example, the file is named auto_bk_rules.xml. Set AndroidResource as a build action.

  2. Then set the following content that includes all shared preferences except for SecureStorage:

<?xml version="1.0" encoding="utf-8"?>
<full-backup-content>
  <include domain="sharedpref" path="."/>
  <exclude domain="sharedpref" path="${applicationId}.xamarinessentials.xml"/>
</full-backup-content>

πŸ“˜ On UWP: No additional setup required.

Let’s Start!

What is Secure Storage? πŸ€”

The SecureStorage class helps securely store simple key/value pairs.

πŸ“¬ Setting Secure Storage

To set some value, you just have to call the SecureStorage class followed with the SetAsync method. This method stores the encrypted values for a given key. It takes the following parameters:

πŸ”Ή Key name: It receives the name with which you want the data to be identified.

πŸ”Ή Key value: It receives the value with which you want to save the previously registered key.

await SecureStorage.SetAsync("oauth_token", "secret-oauth-token-value");

πŸ“« Getting Values From Secure Storage

To retrieve a value from Secure Storage, use the GetAsync method. It takes the following parameters:

πŸ”Ή Key name: Receives the name of the key from which you want to obtain the value. (⚠ If there is no value with this key, it will return a null.)

var oauthToken = await SecureStorage.GetAsync("oauth_token");

πŸ“­ Removing a Specific Secure Store Key

βž– To remove a specific key: You only have to indicate the name of the key you want to remove.

SecureStorage.Remove("oauth_token");

βž– To remove all:

SecureStorage.RemoveAll();

⚠ Important: When using it, try to handle small amounts of text; otherwise performance may slow down.

And done! You can now use Secure Storage! πŸ’ͺ🏼

Thanks for reading! πŸ’š

References: https://docs.microsoft.com/en-us/xamarin/essentials/secure-storage?tabs=ios


LeomarisReyes
About the Author

Leomaris Reyes

Leomaris Reyes is a Software Engineer from the Dominican Republic, with more than 5 years of experience. A Xamarin Certified Mobile Developer, she is also the founder of  Stemelle, an entity that works with software developers, training and mentoring with a main goal of including women in Tech. Leomaris really loves learning new things! πŸ’šπŸ’• You can follow her: Twitter, LinkedIn , AskXammy and Medium.

Related Posts

Comments

Comments are disabled in preview mode.