Secure Extension Data Service

The secure extension data service allows tool extensions to securely send data to plugins. This is useful for extensions that need to pass sensitive data, but any string less than 245 bytes can be sent to plugins via this service. There are 3 steps involved:

Encrypting data as secure tokens

A tool extension can store up to 10 keys with the service. The tokens where the encrypted data is stored in expire when the session ends, and it will not permanently store any data. The data must be in a string format, so it may be useful to JSON serialize data from the tool and deserialize in the plugin.

Adding the secure data token to a request

To send the encrypted data to a plugin, developers will need to obtain a new AjaxRequest, or optionally provide an existing one, in which case the appropriate headers will be added. After that, just call the desired plugin's endpoint with the request.

Decrypting data in plugin

In the plugin's desired endpoint's code, just call this.GetSecureExtensionData(request) from Microsoft.ManagementExperience.FeatureInterface to retrieve your data.