@evva-sfw/capacitor-secure-storage-plugin
Advanced tools
Securely store secrets such as usernames, passwords, tokens, certificates or other sensitive information (strings) on iOS & Android
Capacitor plugin for storing string values securly on iOS and Android.
npm install @evva-sfw/capacitor-secure-storage-plugin
npm install @evva-sfw/capacitor-secure-storage-plugin@1.0.2
For version lower than 5 please refer to https://github.com/martinkasa/capacitor-secure-storage-plugin
import { SecureStoragePlugin } from '@evva-sfw/capacitor-secure-storage-plugin';
get(options: { key: string }): Promise<{ value: string }>
Note if item with specified key does not exist, throws an Error
set(options: { key: string; value: string }): Promise<{ value: boolean }>
Note return true in case of success otherwise throws an error
remove(options: { key: string }): Promise<{ value: boolean }>
Note return true in case of success otherwise throws an error
keys(): Promise<{ value: string[] }>
clear(): Promise<{ value: boolean }>
Note return true in case of success otherwise throws an error
getPlatform(): Promise<{ value: string }>
Note return returns which implementation is used - one of 'web', 'ios' or 'android'
const key = 'username';
const value = 'hellokitty2';
SecureStoragePlugin.set({ key, value })
.then(success => console.log(success))
const key = 'username';
SecureStoragePlugin.get({ key })
.then(value => {
console.log(value);
})
.catch(error => {
console.log('Item with specified key does not exist.');
});
async getUsername(key: string) {
return await SecureStoragePlugin.get({ key });
}
This plugin uses the SimpleKeychain Swift library for iOS.
On Android it is implemented by AndroidKeyStore and SharedPreferences. Source: Apriorit
There is no secure storage in browser (not because it is not implemented by this plugin, but it does not exist at all). Values are stored in LocalStorage, but they are at least base64 encoded. Plugin adds 'capsec' prefix to keys to avoid conflicts with other data stored in LocalStorage.
FAQs
Securely store secrets such as usernames, passwords, tokens, certificates or other sensitive information (strings) on iOS & Android
We found that @evva-sfw/capacitor-secure-storage-plugin demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Axios compromise traced to social engineering, showing how attacks on maintainers can bypass controls and expose the broader software supply chain.
Security News
Node.js has paused its bug bounty program after funding ended, removing payouts for vulnerability reports but keeping its security process unchanged.
Security News
The Axios compromise shows how time-dependent dependency resolution makes exposure harder to detect and contain.