What is the recommened way to store API keys and secrets in a UWP app?

Question

For a UWP app what is the recommend mechanism for storing secrets that need to be deployed with an app such as API keys and secret tokens? For user generated auth tokens PasswordVault makes sense but I can't see a way to set those as part of app deployment. Up until now I have them embedded in the app which doesn't seem "correct" or safe.

Answer 1

You can use PasswordCredential api, code snippet:

string CredentialsName = "testing";
private PasswordCredential GetCredentialFromLocker()
{
    PasswordCredential credential = null;

    var vault = new PasswordVault();
    IReadOnlyList<PasswordCredential> credentialList = null;
    try
    {
        credentialList = vault.FindAllByUserName(Username);
    }
    catch
    {
        return credential;
    }
    if (credentialList.Count > 0)
    {
        credential = credentialList[0];
    }

    return credential;
}

public void CreatePassword(string password, string username)
{
    var vault = new PasswordVault();
    vault.Add(new PasswordCredential(CredentialsName, username, password));

}