Data Storage
Most useful apps need to store data on device. There are a lot of Choices for data storage, which can be confusing. The Ionic team has recommendations for data storage options for enterprise use cases as well as an analysis of various options, their benefits and tradeoffs.
Ionic Secure Storage
Officially supported data storage solution from the Ionic team. Based on SQLite with encryption support built in. Ideal for high-performance use cases and offering the best security of popular alternatives.
Pros
- Officially-supported Ionic product (with an active enterprise subscription)
- High-performance
- Available in browser
- Query Support
Cons
- Not available in browser[1]
Ionic Storage
Open source helper utility with a key/value API that makes it easy to build data-driven apps that need to work on iOS, Android, and the web but don't have intense performance or relational data requirements.
This is a fine option for teams that don't need high-performance query or relational data support. Encryption is available when used with the official Ionic Secure Storage driver. When using this driver, SQL queries and relational data support are available though any code dropping down to the lower-level Secure Storage API will be limited to iOS and Android.
Pros
- Ionic open source project
- Simple key/value API
- Storage engine agnostic, cross-platform
- Encryption available when used with Ionic Secure Storage
Cons
- No query support
- No relational data support
IndexedDB
Pros
- Free
- Available in browser
- Query Support
Cons
- Data loss due to OS reclaiming space
- No support for encryption
- Limited storage capacity
- Difficult data export
LocalStorage
Pros
- Free
- Available in browser
- Simple
Cons
- No query support
- Data loss due to OS reclaiming space
- No support for encryption
- Low performance
- Limited storage capacity
In our opinion
Avoid LocalStorage or IndexedDB for all but the simplest data requirements. It's not worth the headache and risk of the operating system deleting data to free up disk space. IndexedDB is fine for Progressive Web Apps because it's one of the only options in that case.
Keep in mind that mobile operating systems actively manage Web View storage data, meaning data stored using a Web API like IndexedDB or Local Storage. This could mean actively deleting data to free up disk space when users run out of space on their device, a fairly frequent occurance. To avoid this, a native storage method should be used, such as SQLite.
SQLite is the most popular storage engine for mobile apps, by far, so we recommend something that uses it. It's also great because it's a single file on the filesystem, so it's easy to work with and move around. If the data stored on device is sensitive in any way, encryption is a must. The easiest way to get a SQLite engine with optional encryption is through Secure Storage which we fully maintain and keep up to date every every future operating system or device update.
Finally, different data will have different storage requirements. App-specific data (such as user content, data for app screens, etc.) should be stored in a storage engine as discussed on this page. Sensitive values, such as auth tokens (JWTs/etc) or encryption keys, which may or may not be locked behind biometric authentication flows, must be stored using specialized device hardware to avoid leaking these sensitive values and compromising any data or user sessions. For storing auth tokens or encryption keys, refer to the Biometrics and Token Storage guide.
