Persisting Sensitive Data

The Credentials Store API allows you to store sensitive user data securely, like passwords, server URLs, etc.

How to Use

Use PasswordSafe to work with credentials.

Retrieve Stored Credentials

    String key = null; // e.g. serverURL, accountID
    CredentialAttributes credentialAttributes = createCredentialAttributes(key);

    Credentials credentials = PasswordSafe.getInstance().get(credentialAttributes);
    if (credentials != null) {
      String password = credentials.getPasswordAsString();
    }

    // or get password only
    String password = PasswordSafe.getInstance().getPassword(credentialAttributes);

    private CredentialAttributes createCredentialAttributes(String key) {
        return new CredentialAttributes(CredentialAttributesKt.generateServiceName("MySystem", key));
    }

Store Credentials

    CredentialAttributes credentialAttributes = createCredentialAttributes(serverId); // see previous sample
    Credentials credentials = new Credentials(username, password);
    PasswordSafe.getInstance().set(credentialAttributes, credentials);

To remove stored credentials, pass null for the credentials parameter.

Storage

The default storage format depends on the OS.

OS	Storage
Windows	File in KeePass format
macOS	Keychain using Security Framework
Linux	Secret Service API using [libsecret][linux2]

Users can override the default behavior in Preferences | Appearance & Behavior | System Settings | Passwords.