Tech Community Live: Windows edition
Jun 05 2024, 07:30 AM - 11:30 AM (PDT)
Microsoft Tech Community

Can MSIX help with securing application data, API keys?

Copper Contributor

Hi Team,


I am hoping you could assist with this. I am wanting to secure some application data during the install process, specifically API keys.

Does MSIX have something to help with this?

I have posted this on StackOverflow but have not received feedback yet.

I am developing a Windows Desktop Application using C++ MFC, and I want to securely store API keys, during the installation process. Ideally I do not want third party applications to be able to access the information.

The desktop native application, will be using the API keys for OAUTH flows. The API keys are sensitive, and could potentially be used to impersonate the application, and should be protected.

I have considered encrypting the API keys, and store them encrypted on DISK using DPAPI, but the installer might carry the information in the clear, and perhaps the installer might not offer DPAPI. Also when using DPAPI, it's not 100% secure, as other third party installed applications can read the keys.

Do Windows application installers offer DPAPI or another mechanism for this purpose?

What is the recommended approach for securing API keys or sensitive information on Windows 10 and 11, during installation. (Perhaps not using API keys for Desktop applications is the safest option)

I am hoping for a simple solution similar to what Android, IOS or MacOS has, where only the signed application with its unique application identifier, can access its own securely stored data.

0 Replies