Menu
In my Windows service I need to be able to retrieve credentials for a third-party REST API that is stored in my SQL Server 2012 database that is on the same network. Each of my customers may have a different API credential assigned to them. For example:
Customer Name | API ID | API Password In Plain Text
-----------------------------------------------------
Customer 1 1234 somepassword
Customer 2 1234 somepassword
Customer 3 5678 anotherpassword
In the first iteration of this service, all of the customers used the same API credential and it was encrypted in the app.config of the Windows service using SectionInformation.ProtectSection.
Do I just use one the encrypt/decrypt methods provided by the .NET framework and store that value in the database? For example, one the solutions provided here: Encrypting & Decrypting a String in C#? Any suggestions or other solutions I can look into?
481
As suggested by @SyntaxGoonoo I plan to use the ProtectedData Class provided by the data protection API (DAPI). I'll set the DataProtectionScope to run as the CurrentUser associated with the Windows service to decrypt the credentials from the SQL database. I'll probably have to make another application that encrypts the credentials and stores it in the database (using the same user context).
Here's some additional resources:
78
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
