Isolated storage: how does it work?

Hello reader, in this article I want to tell you what isolated storage is and how you can use it through an example.

Isolated storage is a feature to protect sensitive data, such as passwords, license keys, tokens in Microsoft Business Central. Using this feature, it is not possible to access these data externally, even between apps.

Isolated storage refers to the homonymous table. Through the functions that AL language provides us, we can act only on the Key and Value fields.

To see how it works, we will make a small app, where, for page ID (which will be our key) we will store a password; which we will then have to type when opening it.

We create a simple table where, in addition to the user, we enter the Id of the page we want to manage and the password. In particular, at the validate of the password field.

First of all, we check if the key already exists using the Contains function. Note that as DataScope we have put User, that is, the Isolated Storage for this application that we have done works on the user. The other values can be: Company, CompanyAndUser, Module.

With the SetEncrypted function we set our Isolated Storage record with encryption if enabled by the system (otherwise you can also use the Set function).

After entering the setup record, let’s see how we find our Isolated Storage table.

As you can see, the system automatically created a record in the table with the encrypted password value.

Then we create a dialog page where we are asked for the password and when we press OK the password check is done.

Note that you need to use the Get function to get the value based on the key and then compare it with the entered password text. At this point, all we have to do is develop a codeunit that calls this dialog page at the OnOpenPage event of the page.

The effect we will have is the following:

If we enter the wrong password, the system will warn us and will not let us open the page of the item list.

As you may have noticed, in every function that calls IsolatedStorage I have put the [NonDebuggable] attribute, this I would say is a best practice because when working with encrypted data it is good practice not to debug the stream that passes.

I hope this article has given you a new insight on possible developments that use Isolated Storage.

Leave a Reply