This is a quick post to signal a “worst practice” I’ve see today in a partner’s extension.
This extension needs to save some private data and the partner has decided to use the Service Password table for that scope. The Service Password table is a particular table (ID 1261, present also in NAV) with the following structure:
This table was born in the NAV era for implementing the Service Data Encapsulation pattern. This table stores a key/value pair, where the key is a GUID and the Value is BLOB that contains the encrypted value of the key passed.
Why this is not a best practice in my opinion? Because now we’re in the extensions era, different extensions from different vendors could be installed in a tenant and for handling isolation of data there’s a dedicated system object for that: the Isolated Storage.
The Service Password table (or other similar tables) doesn not guarantee that your data is isolated in your extension scope. You can have an extension A that writes a sensitive encrypted data into this table and maybe an extension B that deletes that data. And if a malicious extension C modify that data or is able to decrypt that data?Where is your security?
In the extension world (and expecially with Dynamics 365 Business Central) for storing sensitive data with your extension you need to start using the Isolated Storage. This is a data storage that provides isolation between extensions, so that you can keep keys/values in one extension from being accessed from other extensions. The isolation is always per-extension and you can set also the scope visibility of the stored data (in order to restrict more the data visibility):
|Module||Indicates that the record is available in the scope of the app(extension) context.|
|Company||Indicates that the record is available in the scope of the company within the app context.|
|User||Indicates that the record is available for a user within the app context.|
|CompanyAndUser||Indicates that the record is available for a user and specific company within the app context.|
The default value of DataScope is Module if not specified.
This is a small example of what you need to do for saving and retrieving a data from the Isolated Storage:
local procedure IsolatedStorageTest() var keyValue: Text; begin IsolatedStorage.Set('mykey','myvalue',DataScope::Company); if IsolatedStorage.Contains('mykey',DataScope::Company) then begin IsolatedStorage.Get('mykey',DataScope::Company,keyValue); Message('Key value retrieved is %1', keyValue); end; IsolatedStorage.Delete('mykey',DataScope::Company); end;
This is extremely simple and (more important) secure! If extension A creates the key mykey in the Isolated Storage, no other extensions can access this data.
Please remember this and don’t use standard tables for storing sensitive data.
Hi Stefano , the functions (ENCRYPTIONKEYEXISTS ,ENCRYPTIONENABLED) are allowed only in BC onprem?
Sorry for the delay, but this comment was targeted as spam 😦 Answer: No. You have them also on SaaS.
I couldn’t find more code samples for this. I checked in your Quick Start book and other BC books.
Do you have an example with a password table field, an obfuscated page field where a user can set this and two functions that set the data and retrieve it to be used when a http call is made for instance?
You can create a page with a field called Password, then use the following two functions for writing and retrieving it from Isolated Storage:
procedure SetPassword(Pwd: Text)
if Pwd ” then
//Datascope = User means that thid data is readable only from the user that has written it
procedure GetPassword(): Text;
if IsolatedStorage.Contains(‘password’,DataScope::User) then
Thank you Stefano, nice and clean, I like it!
ISOLATEDSTORAGE.SET(‘myKey’,’MyValue’,DATASCOPE::User); // and any other datascope
Microsoft Dynamics 365 Business Central
The following C/AL functions are limited during write transactions because one or more tables will be locked. Form.RunModal is not allowed in write transactions. Codeunit.Run is allowed in write transactions only if the return value is not used. For example, ‘OK := Codeunit.Run()’ is not allowed. Report.RunModal is allowed in write transactions only if ‘RequestForm = FALSE’. For example, ‘Report.RunModal(…,FALSE)’ is allowed. XmlPort.RunModal is allowed in write transactions only if ‘RequestForm = FALSE’. For example, ‘XmlPort.RunModal(…,FALSE)’ is allowed. Use the COMMIT function to save the changes before this call, or structure the code differently.
I saw now that we also have Isolated Certificate table, similar like Isolated Storage, probably only for storing certificates. I didn’t find any ms documentation about this table online.
We used dotnet libraries to manage (import, export, get) certificates in earlier version of NAV, and we need new way for doing this in BC15.
Did you try Isolated Certificate, and do you have any tips for us?
Yes, there are two tables now:
– T1262 “Isolated Certificate”
– T2000000107 “Isolated Storage”
“Isolated Certificate”: stores information about the certificate, is accessible to any extension, does not store the private key
“Isolated Storage”: stores the private key and password, is only accessible to a single application/extension
I’m not able to retrieve (or check if exist) certificate value that is stored in Isolated Storage from standard certificate page from my extension, because of data scope that is limit on app.
Is there any way to retrieve certificate from my extension?