Jump to contentJump to page navigation: previous page [access key p]/next page [access key n]
Secret Service API Draft › API Documentation
ContentsContents
Secret Service API Draft
  1. I API Documentation
    1. 1 Introduction
    2. 2 Secrets
    3. 3 Collection and Items
    4. 4 Aliases
    5. 5 Lookup Attributes
    6. 6 Sessions
    7. 7 Transfer of Secrets
    8. 8 Locking and Unlocking
    9. 9 Prompts and Prompting
    10. 10 What's not included in the API
    11. 11 Notes for Service Implementors
  2. II D-Bus API Reference
    1. 12 Object Paths
    2. 13 Interfaces
    3. 14 Types
    4. 15 Errors
  3. References
Navigation
Secret Service API Draft › API Documentation
Top

Part I API Documentation

1 Introduction

The Secret Service API allows client applications to store secrets securely in a service running in the user's login session.

2 Secrets

A secret is something an application wishes to store securely. A good example is a password that an application needs to save and use at a later date.

3 Collection and Items

Each secret is stored together with lookup attributes and a label. These together form an item.

4 Aliases

Collections may be accessed via well known aliases. For example an alias called default tells applications which is the default collection to store secrets.

5 Lookup Attributes

Attributes can and should be stored with a secret to facilitate lookup of the secret at a later date.

6 Sessions

A session is established between a client application and a service. A session is used to transfer secrets between the client application and the service.

7 Transfer of Secrets

To access or store secrets, use the GetSecret(), SetSecret() methods on the item interface, or the GetSecrets(), method on the service interface.

8 Locking and Unlocking

Some items and/or collections may be marked as locked by the service. The secrets of locked items cannot be accessed. Additionally, locked items or collections cannot be modified by the client application.

9 Prompts and Prompting

In order to complete various operations, such as unlocking a collection, the service may need to prompt the user for additional information, such as a master password.

10 What's not included in the API

A service may implement additional DBus interfaces for further capabilities not included in this specification. Password management applications or other narrowly focused tools should make use of these when necessary.

11 Notes for Service Implementors

[TODO: complete]

Chapter 1 IntroductionSecret Service API Draft

© 2024 Freedesktop.org