Ionic Identity Vault is an all-in-one frontend identity management system that combines security best practices and the latest in biometric authentication options available on iOS and Android.
The Vault manages secure user identity and session tokens, ensuring sensitive tokens are encrypted at rest, stored only in secure locations on the device, and unlocked only with biometric identity (TouchID/FaceID).
Without Ionic Identity Vault, Ionic developers have to resort to combining third party Cordova plugins, often resulting in insecure setups due to the lack of correct implementation of biometric and at-rest encryption strategies. Learn more.
If you have not already setup Ionic Enterprise in your app, follow the one-time setup steps.
Next, install the plugin:
Update the native project config files:
The Identity Vault reference apps offer a complete login/logout experience that includes biometrics (Face ID with passcode as a fallback), secure token storage, background data hiding, and session timeouts. Two variants of the reference apps are available. The first variant demonstrates using Identity Vault to integrate with an existing generic authentication workflow. The second variant demonstrates using Identity Vault in conjuction with Auth Connect to provide a fully secured OAuth/OpenID Connect authentication workflow.
IonicIdentityVaultUser class takes a generic session type which represents the type of the session you'll store in the vault. You can use the DefaultSession or extend the class to create a custom session. In the constructor of your
Identity service, the vault is configured by providing options to the
If you'd like to automatically add your authorization token from your identity service to every request, you can see a simple example at in our demo repo.