In my post Fingerprint and biometrics authentication in Xamarin Forms I looked at using biometrics (face id/touch id) to authenticate a user.
Using biometrics is pretty useful, but ultimately we’d usually want to use the biometrics along with some way of storing a token, password or whatever. In other words the usual pattern would be something like this
- Request the user login details and then ask if the user wishes to use biometrics to log into your application (as this post is about using biometrics etc. let’s assume the user does indeed want to use biometrics)
- Store the token or other details for the successful login within secure storage
- When the user next try to log into your application, offer an option to use the password to login but by default give an option to login via biometrics
- Assuming the user selects biometrics, then use the previously show code for biometric authorisations
- Upon success of the biometrics authorisation, get the token/password etc. from the secure storage and use that to connect to your application/service
So how do we use secure storage within Xamarin forms. The Xamarin Essential nuget package give us SetAsync, for example
await Xamarin.Essentials.SecureStorage.SetAsync(key, token);
and to read back from the storage we use GetAsync, for example
var token = Xamarin.Essentials.SecureStorage.GetAsync(key);