Windows Phone 8.1 for Developers–Using the Credential Locker

This blog post is part of a series about how Windows Phone 8.1 affects developers. It covers how to use the Credential Locker to store sensitive data. It was written by Johan Silfversparre at Jayway and was originally posted here.

Intro

With the release of Windows Phone 8.1, the Credential Locker service is now available for Windows Phone app developers. This is great news for both first-time users and those of us already using the service in our Windows 8.1 Store apps. The Credential Locker service simplifies the task of handling user credentials and stores them securely encrypted on the device your app is running on. It also roams the credentials between devices along with the user's Microsoft account. Information is stored in the Credential Locker per user and cannot be shared between apps.

 

When

A common scenario for using the Credential Locker is when your app connects to services such as social networks. Asking the user for login information only once and storing it in the Credential Locker between sessions provides a better user experience.

 

How to

Create a reference:

 using Windows.Security.Credentials;
…
// public PasswordVault()
var vault = new PasswordVault();

Store user credential method:

 // public void Add(PasswordCredential credential)
vault.Add(new PasswordCredential("resourceName", "username", "password"));

Retrieve list of all user credentials:

 // public IReadOnlyList<PasswordCredential> RetrieveAll()
var list = vault.RetrieveAll();

Retrieve list of user credentials by user name:

 // public IReadOnlyList<PasswordCredential> FindAllByUserName(string userName)
var list = vault.FindAllByUserName("username");

Retrieve list of user credentials by resource name:

 // public IReadOnlyList<PasswordCredential> FindAllByResource(string resource)
var list = vault.FindAllByResource("resourceName");

Retrieve specific user credential by username and resource:

 // public PasswordCredential Retrieve(string resource, string userName)
// Returns a single credential, not a list.
var credential = vault.Retrieve("resourceName", "username");

Delete user credential:

 // public void Remove(PasswordCredential credential)
vault.Remove(new PasswordCredential("resourceName", "username", "password"));

Best practices

  • Use the Credential Locker to store passwords, not large data blocks.
  • Make sure the user has successfully signed in and opted to save passwords before storing them in the Credential Locker.
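The calls above combined into one sign-in helper that follows these practices. This is an added example, not code from the original post. The class name SavedLogin, the resource name "MyApp" and the signedIn/userOptedIn flags are assumptions; it also handles two behaviours of the API not shown above: the lookup calls throw when nothing is stored, and entries returned by the list calls have an empty Password until RetrievePassword() is called.

```csharp
using System;
using System.Linq;
using Windows.Security.Credentials;

// Hypothetical helper; "MyApp" is a placeholder resource name.
public static class SavedLogin
{
    private const string Resource = "MyApp";

    // Returns the saved credential with its password loaded, or null if none is stored.
    public static PasswordCredential TryGet()
    {
        var vault = new PasswordVault();
        try
        {
            // FindAllByResource throws when the locker holds no entry for the resource.
            var credential = vault.FindAllByResource(Resource).FirstOrDefault();
            if (credential != null)
            {
                // Password is empty on listed entries until it is explicitly loaded.
                credential.RetrievePassword();
            }
            return credential;
        }
        catch (Exception)
        {
            return null; // nothing stored for this app
        }
    }

    // Store only after the service accepted the login and the user opted to save it.
    public static void Save(string userName, string password, bool signedIn, bool userOptedIn)
    {
        if (!signedIn || !userOptedIn) return;
        Forget(); // keep a single entry so stale passwords do not linger
        new PasswordVault().Add(new PasswordCredential(Resource, userName, password));
    }

    // Removes every entry stored for this app, for example on sign-out.
    public static void Forget()
    {
        var vault = new PasswordVault();
        try
        {
            foreach (var c in vault.FindAllByResource(Resource).ToList()) vault.Remove(c);
        }
        catch (Exception) { /* nothing stored */ }
    }
}
```

Calling Forget() on sign-out matters because the locker roams with the Microsoft account, so a saved entry would otherwise persist on the user's other devices.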

 

Summary

Another option for handling user authentication is now available to you as a Windows Phone app developer. The Credential Locker service has been introduced, and you use it in the same way as in your Windows 8 apps.