Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Added URLCredential documentation #63

Open
wants to merge 4 commits into
base: master
Choose a base branch
from
Open

Added URLCredential documentation #63

Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
098aaa0
Added URLCredential documentation
Chandlerdea Dec 15, 2017
06d38c8
Fixing typo
Chandlerdea Dec 15, 2017
ceb58fa
Fixed typo
Chandlerdea Jan 22, 2018
de7cb90
Made NSURLCredential the default way to store sensative data in the k…
Chandlerdea Jan 22, 2018
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -452,7 +452,7 @@ Even in an age where we trust our portable devices with the most private data, a

### Data Storage

If your app needs to store sensitive data, such as a username and password, an authentication token or some personal user details, you need to keep these in a location where they cannot be accessed from outside the app. Never use `NSUserDefaults`, other plist files on disk or Core Data for this, as they are not encrypted! In most such cases, the iOS Keychain is your friend. If you're uncomfortable working with the C APIs directly, you can use a wrapper library such as [SSKeychain][sskeychain] or [UICKeyChainStore][uickeychainstore].
If your app needs to store sensitive data, such as a username and password, an authentication token or some personal user details, you need to keep these in a location where they cannot be accessed from outside the app. Never use `NSUserDefaults`, other plist files on disk or Core Data for this, as they are not encrypted! In most such cases, the iOS Keychain is your friend. It is best to store your credentials in the iOS Keychain with [NSURLCredential](https://developer.apple.com/documentation/foundation/nsurlcredential) and [NSURLCredentialStorage](https://developer.apple.com/documentation/foundation/nsurlcredentialstorage). You create and store your access token in a `NSURLCredential`, and store that credential in a `NSURLCredentialStorage` instance. You will also need to specify a [NSURLProtectionSpace](https://developer.apple.com/documentation/foundation/urlprotectionspace), which represents a server or an area on a server, commonly referred to as a realm, that requires authentication. You can persist the credentials in the user's keychain, or for a single request. There are also wrapper libraries such as [SSKeychain][sskeychain] or [UICKeyChainStore][uickeychainstore], that let you interact with the keychain directly, but this is not recommended.

When storing files and passwords, be sure to set the correct protection level, and choose it conservatively. If you need access while the device is locked (e.g. for background tasks), use the "accessible after first unlock" variety. In other cases, you should probably require that the device is unlocked to access the data. Only keep sensitive data around while you need it.

Expand Down