Ionic Secure Storage is a cross-platform data storage system for high performance, secure data storage on iOS and Android. Ionic Secure Storage provides full SQL query and relational data support through SQLite, as well as key/value support for simpler use cases when used with the Ionic Storage utility library. Full encryption support (using 256-bit AES) is provided out of the box for security sensitive applications.
While Ionic Secure Storage is only available on iOS and Android, support for web storage is available when used in key/value mode in tandem with the Ionic Storage utility library, which will fall back to a web-friendly storage mechanism when running in a non-native browser environment.
Before you use Secure Storage, you need to figure out how you will manage your encryption key. Typically, managing encryption keys on the client can be incredibly challenging to get right.
Thankfully, by using Identity Vault in tandem with Ionic Secure Storage, teams can securely manage encryption keys to support online and offline use cases using the full security features available on modern mobile devices and operating systems.
If you choose to roll your own method of key management, be aware that, just like rolling your own encryption, there are many pitfalls to client-side key management that may defeat your encryption efforts. Some of those pitfalls include lack of integration with secure enclave device hardware, incorrect management of biometric credentials resulting in users accessing sensitive values from other users, and data exposure if a device is jailbroken or lost/stolen. Because of these challenges we strongly recommend against rolling your own key management system and recommend using Identity Vault instead.
If you have not already setup Ionic Enterprise in your app, follow the one-time setup steps.
Next, install the plugin:
NOTE: npm 7+ is recommended. For previous versions, install
@ionic-native/coreas a dependency.
In Angular, start by defining the
SQLite class as provider in one of your component modules. We recommend your
AppModule for usage across your app:
@ionic-enterprise/secure-storage/ngx into your file and inject it into your constructor:
Initializing the database can be done immediately in the constructor:
Begin by importing Secure Storage into one of your component source files then create a state variable for the database:
Next, initialize the database immediately and create the database tables:
Begin by importing Secure Storage into one of your components:
Next, create a ref object for the database instance, then initialize the database immediately:
Insert data into a database table:
Read data from a database table:
Close the database:
Delete the database (provide the same configuration details used when creating it):
Transactions are strongly recommended for performance reasons, especially when using encryption, and are also critical for building atomic operations that only commit to the database if all statements execute correctly.
Transactions can be performed one statement at a time using
Or can be performed in a batch