MAUI Secure Storage


Built-In Secure Data Storage

.NET MAUI's built-in Secure Storage feature stores sensitive data securely by using platform-specific security features. For example:

  • On Android, it uses the Android Keystore.
  • On iOS, it uses the Keychain.
  • On Windows, it uses the Credential Locker.

Secure Storage is primarily used to save data like:

  • Authentication tokens.
  • API keys.
  • Passwords.

Saving to Secure Storage

Use the SecureStorage.SetAsync() method to save data into Secure Storage. Here is a simple example of how to save an API token:

using Microsoft.Maui.Storage;

public async Task SaveTokenAsync(string token)
{
    try
    {
        await SecureStorage.SetAsync("auth_token", token);
    }
    catch (Exception ex)
    {
        // Possible errors include the device not supporting secure storage,
        // or if a security key could not be created
        Console.WriteLine($"Error saving data to secure storage: {ex.Message}");
    }
}

To write data to Secure Storage, call SecureStorage.SetAsync() and pass in the key and the value to store under it.

Exception Handling: Secure Storage is not guaranteed to work everywhere (e.g., old versions of Android, or restricted devices), so you should always handle exceptions.

Retrieving Data from Secure Storage

To get data from Secure Storage, use the SecureStorage.GetAsync() method.

using Microsoft.Maui.Storage;

public async Task<string?> RetrieveTokenAsync()
{
    try
    {
        // GetAsync returns null when nothing is stored under the key
        string? token = await SecureStorage.GetAsync("auth_token");
        return token;
    }
    catch (Exception ex)
    {
        // Handle errors here (e.g., device not supporting secure storage)
        Console.WriteLine($"Error retrieving data from secure storage: {ex.Message}");
        return null;
    }
}

To read data from Secure Storage, call SecureStorage.GetAsync() with a key; it returns the value stored under that key.

Exception Handling: Retrieving data can fail in the same way as saving it, so always handle possible exceptions.
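The save and retrieve snippets above only log a failure. As an added example (not code from the original page), the wrapper below shows one way to turn those failures into results the caller can act on. TokenStore and its method names are hypothetical, and removing an unreadable entry so the user signs in again is an assumed recovery policy, not something the page prescribes.

```csharp
using System;
using System.Threading.Tasks;
using Microsoft.Maui.Storage;

// Hypothetical wrapper for illustration; TokenStore is not a MAUI type.
public sealed class TokenStore
{
    private const string TokenKey = "auth_token"; // key used in the snippets above
    private readonly ISecureStorage _storage;

    // Accepting ISecureStorage lets tests pass in a fake; defaults to the platform store.
    public TokenStore(ISecureStorage? storage = null) =>
        _storage = storage ?? SecureStorage.Default;

    // Returns false instead of throwing, so the caller can decide to keep
    // the token in memory only for this session.
    public async Task<bool> TrySaveAsync(string token)
    {
        if (string.IsNullOrWhiteSpace(token))
            throw new ArgumentException("Token must not be empty.", nameof(token));
        try
        {
            await _storage.SetAsync(TokenKey, token);
            return true;
        }
        catch (Exception ex)
        {
            // Log the exception type only; never write the token itself to a log.
            Console.WriteLine($"Secure storage write failed: {ex.GetType().Name}");
            return false;
        }
    }

    // Returns null when no token is stored or the stored value cannot be read.
    public async Task<string?> TryLoadAsync()
    {
        try
        {
            return await _storage.GetAsync(TokenKey);
        }
        catch (Exception ex)
        {
            Console.WriteLine($"Secure storage read failed: {ex.GetType().Name}");
            _storage.Remove(TokenKey); // assumed policy: drop the unreadable entry, force re-login
            return null;
        }
    }

    // Call on logout so the token does not outlive the session.
    public void Clear() => _storage.Remove(TokenKey);
}
```

A null result from TryLoadAsync() should send the user back to sign-in; a false result from TrySaveAsync() means the token was not persisted and will be lost when the app closes.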

Using Secure Storage – Notes and Considerations

  • Sensitive Information Only:
    • Use Secure Storage only for sensitive information such as passwords, tokens, and API keys.
  • Limited Data Size:
    • Secure Storage is not meant for storing large amounts of data. It is better suited to small key-value pairs.
  • Platform-Specific Limitations:
    • Secure Storage is not supported on some older Android devices or in specific configurations.
  • Exception Handling:
    • Always handle exceptions; Secure Storage operations may fail on some devices or under certain circumstances.
  • Usage Restrictions:
    • On some platforms, access to Secure Storage may require certain permissions or device configuration.

Summary of Secure Storage Usage

Feature            | Description
Save Data          | Use SecureStorage.SetAsync() to securely save a key-value pair.
Retrieve Data      | Use SecureStorage.GetAsync() to retrieve the value by key.
Data Type          | Best for strings (tokens, passwords, etc.).
Platform Support   | Uses platform-specific secure storage mechanisms like Keychain or Keystore.
Exception Handling | Handle exceptions to manage scenarios where secure storage is unavailable.