Product
Introducing License Enforcement in Socket
Ensure open-source compliance with Socket’s License Enforcement Beta. Set up your License Policy and secure your software!
By Philipp Burckhardt - Oct 17, 2024
@atroo/capacitor-secure-storage-plugin
Advanced tools
@atroo/capacitor-secure-storage-plugin
Securely store secrets such as usernames, passwords, tokens, certificates or other sensitive information (strings) on iOS & Android
@atroo/capacitor-secure-storage-plugin
Securely store secrets such as usernames, passwords, tokens, certificates or other sensitive information (strings) on iOS & Android
Compatibility
Since v5 we follow the versioning of Capacitor, which means v5 of this plugin can be used with Capacitor 5, while v6 can be used with Capacitor 6.
Install
npm install @atroo/capacitor-secure-storage-plugin
npx cap sync
Features
Android
This plugin uses EncryptedSharedPreferences to store sensitive information securely on any Android device. It will automigrate data from older versions after update.
iOS
When using set() you can specify a different accessibility modifier of the keychain to control, when access to a key should be allowed. Providing a different accessibility modifier on consecutive calls of set() for the same key, will remove the old key and create it new under the hood to prevent keychain errors.
Notes
Android
AutoBackup
To stay secure you need to handle the Auto Backup rules in Android. Please refer to this document.
Java 17
The plugin requires Java 17 to run. You can set it using the following options:
- changing the IDE settings.
- changing the JAVA_HOME environment variable.
- changing
org.gradle.java.homeingradle.properties.
API
The SecureStoragePlugin plugin interface
get(...)
get(options: { key: string; }) => Promise<{ value: string; }>
gets the value for the given key
| Param | Type | Description |
|---|---|---|
options | { key: string; } | key to get value for |
Returns: Promise<{ value: string; }>
getAccessibility(...)
getAccessibility(options: { key: string; }) => Promise<{ value: string | undefined; }>
gets the accessibility for the given key
| Param | Type | Description |
|---|---|---|
options | { key: string; } | key to get accessibility for |
Returns: Promise<{ value: string; }>
set(...)
set(options: SetDataOptions) => Promise<{ value: boolean; }>
sets the value for the given key
| Param | Type | Description |
|---|---|---|
options | SetDataOptions | key and value to set |
Returns: Promise<{ value: boolean; }>
remove(...)
remove(options: { key: string; }) => Promise<{ value: boolean; }>
removes the value for the given key
| Param | Type | Description |
|---|---|---|
options | { key: string; } | key to remove value for |
Returns: Promise<{ value: boolean; }>
clear()
clear() => Promise<{ value: boolean; }>
clears all values
Returns: Promise<{ value: boolean; }>
keys()
keys() => Promise<{ value: string[]; }>
gets all keys
Returns: Promise<{ value: string[]; }>
getPlatform()
getPlatform() => Promise<{ value: string; }>
gets the platform
Returns: Promise<{ value: string; }>
Interfaces
SetDataOptions
allows to define how properties can be accessed on iOS
| Prop | Type |
|---|---|
key | string |
value | string |
accessibility | Accessibility |
Type Aliases
Accessibility
allows to define how properties can be accessed on iOS
'afterFirstUnlock' | 'afterFirstUnlockThisDeviceOnly' | 'whenUnlocked' | 'whenUnlockedThisDeviceOnly' | 'always' | 'alwaysThisDeviceOnly' | 'whenPasscodeSetThisDeviceOnly'
FAQs
Securely store secrets such as usernames, passwords, tokens, certificates or other sensitive information (strings) on iOS & Android
The npm package @atroo/capacitor-secure-storage-plugin receives a total of 173 weekly downloads. As such, @atroo/capacitor-secure-storage-plugin popularity was classified as not popular.
We found that @atroo/capacitor-secure-storage-plugin demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Package last updated on 05 Aug 2024
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Product
Enhancing Open-Source Compliance: Introducing Socket’s Advanced License Analysis
We're launching a new set of license analysis and compliance features for analyzing, managing, and complying with licenses across a range of supported languages and ecosystems.
By Christopher Bailey - Oct 17, 2024
Product
Introducing Socket Optimize
We're excited to introduce Socket Optimize, a powerful CLI command to secure open source dependencies with tested, optimized package overrides.
By John-David Dalton - Oct 16, 2024