The secure extension data service allows tool extensions to securely send data to plugins. This is useful for extensions that need to pass sensitive data, but any string less than 245 bytes can be sent to plugins via this service. There are 3 steps involved:
A tool extension can store up to 10 keys with the service. The tokens where the encrypted data is stored in expire when the session ends, and it will not permanently store any data. The data must be in a string
format, so it may be useful to JSON serialize data from the tool and deserialize in the plugin.
To send the encrypted data to a plugin, developers will need to obtain a new AjaxRequest
, or optionally provide an existing one, in which case the appropriate headers will be added. After that, just call the desired plugin's endpoint with the request.
In the plugin's desired endpoint's code, just call this.GetSecureExtensionData(request)
from Microsoft.ManagementExperience.FeatureInterface
to retrieve your data.