I am developing an application that involves some sensitive user information. I retrieve this information via a private web API. I am trying to determine the best way to get this data into my app. Right now I'm exploring creating a content provider that can do so; my hesitation is in making it secure. I want this data to be usable only by my application. Ideally, no other apps would even know it exists.
Do you have any pointers or advice on how to do this effectively and securely? Any info on content providers who's data source is a remote OAuth'd API?
Thanks!
Edit: I say content provider, but if that isn't the best way to do what I need, by all means let me know what else to look into.
A content provider manages access to a central repository of data. A provider is part of an Android application, which often provides its own UI for working with the data. However, content providers are primarily intended to be used by other applications, which access the provider using a provider client object.
Content providers are one of the primary building blocks of Android applications, providing content to applications. They encapsulate data and provide it to applications through the single ContentResolver interface. A content provider is only required if you need to share data between multiple applications.
The Content Resolver behaves exactly as its name implies: it accepts requests from clients, and resolves these requests by directing them to the content provider with a distinct authority. To do this, the Content Resolver stores a mapping from authorities to Content Providers.
ContentProvider is mainly used for access data from one application to another application. For example by using ContentProvider we can get phone contacts,call log from phone to our own application in android. we can also access data which are stored in (sqlite)databases.
Try android:exported="false"
in your manifest.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With