ICredentialProviderCredential interface

Exposes methods that enable the handling of a credential.

Methods

The ICredentialProviderCredential interface has these methods.

Method Description
ICredentialProviderCredential::Advise Enables a credential to initiate events in the Logon UI or Credential UI through a callback interface. This method should be called before other methods in ICredentialProviderCredential interface.
ICredentialProviderCredential::CommandLinkClicked Enables the Logon UI and Credential UI to indicate that a link was clicked.
ICredentialProviderCredential::GetBitmapValue Enables retrieval of bitmap data from a credential with a bitmap field.
ICredentialProviderCredential::GetCheckboxValue Retrieves the checkbox value.
ICredentialProviderCredential::GetComboBoxValueAt Gets the string label for a combo box entry at the given index.
ICredentialProviderCredential::GetComboBoxValueCount Gets a count of the items in the specified combo box and designates which item should have initial selection.
ICredentialProviderCredential::GetFieldState Retrieves the field state. The Logon UI and Credential UI use this to gain information about a field of a credential to display this information in the user tile.
ICredentialProviderCredential::GetSerialization Called in response to an attempt to submit this credential to the underlying authentication engine.
ICredentialProviderCredential::GetStringValue Enables retrieval of text from a credential with a text field.
ICredentialProviderCredential::GetSubmitButtonValue Retrieves the identifier of a field that the submit button should be placed next to in the Logon UI.
ICredentialProviderCredential::ReportResult Translates a received error status code into the appropriate user-readable message.
ICredentialProviderCredential::SetCheckboxValue Enables a Logon UI and Credential UI to indicate that a checkbox value has changed.
ICredentialProviderCredential::SetComboBoxSelectedValue Enables a Logon UI and Credential UI to indicate that a combo box value has been selected.
ICredentialProviderCredential::SetDeselected Called when a credential loses selection.
ICredentialProviderCredential::SetSelected Called when a credential is selected. Enables the implementer to set logon characteristics.
ICredentialProviderCredential::SetStringValue Enables a Logon UI or Credential UI to update the text for a CPFT_EDIT_TEXT fields as the user types in them.
ICredentialProviderCredential::UnAdvise Used by the Logon UI or Credential UI to advise the credential that event callbacks are no longer accepted.

Remarks

When to Implement

ICredentialProviderCredential is implemented by outside parties providing a Logon UI or Credential UI prompting for user credentials. Enumeration of user tiles cannot be done without an implementation of this interface.

Credential Provider Best Practices

Credential providers handle extremely sensitive user secrets in order to complete logon and unlock requests. As a best practice, secret information such as passwords and PINs should be handled with the utmost care. Proper techniques for handling secret information within a credential provider are:
  • Always securely discard secrets. To do this, call SecureZeroMemory before freeing the memory used to hold any secret.
  • Securely discard secrets promptly after they are used.
  • Securely discard secrets if they are not used for their intended purpose within an expected amount of time.

Requirements

   
Minimum supported client Windows Vista [desktop apps only]
Minimum supported server Windows Server 2008 [desktop apps only]
Target Platform Windows
Header credentialprovider.h

See Also

Credential Providers in Windows 10

ICredentialProvider