--- description: Replace Ionic Identity Vault with the Capacitor Biometrics plugin and Secure Preferences. Face ID, fingerprint, encrypted storage, and session management. title: Alternative to the Ionic Identity Vault Plugin - Capawesome image: https://capawesome.io/docs/assets/images/social/blog/alternative-to-ionic-identity-vault-plugin.png --- [ Skip to content](#alternative-to-the-ionic-identity-vault-plugin) [ 🎉 Introducing **Capawesome Platform** — one platform for Live Updates, Native Builds, App Store Publishing, and Insider SDKs.](https://capawesome.io) * [ Formbricks ](/docs/plugins/formbricks/) * [ Geocoder ](/docs/plugins/geocoder/) * [ Google Sign-In ](/docs/plugins/google-sign-in/) * [ libSQL ](/docs/plugins/libsql/) * [ Live Update ](/docs/plugins/live-update/) * [ Managed Configurations ](/docs/plugins/managed-configurations/) * [ Media Session ](/docs/plugins/media-session/) * [ ML Kit ](/docs/plugins/mlkit/) * [ NFC ](/docs/plugins/nfc/) * [ OAuth ](/docs/plugins/oauth/) * [ Pedometer ](/docs/plugins/pedometer/) * [ Photo Editor ](/docs/plugins/photo-editor/) * [ PostHog ](/docs/plugins/posthog/) * [ Printer ](/docs/plugins/printer/) * [ Purchases ](/docs/plugins/purchases/) * [ RealtimeKit ](/docs/plugins/realtimekit/) * [ Screen Orientation ](/docs/plugins/screen-orientation/) * [ Screenshot ](/docs/plugins/screenshot/) * [ Secure Preferences ](/docs/plugins/secure-preferences/) * [ Speech Recognition ](/docs/plugins/speech-recognition/) * [ Speech Synthesis ](/docs/plugins/speech-synthesis/) * [ Share Target ](/docs/plugins/share-target/) * [ Square Mobile Payments ](/docs/plugins/square-mobile-payments/) * [ SQLite ](/docs/plugins/sqlite/) * [ Superwall ](/docs/plugins/superwall/) * [ Torch ](/docs/plugins/torch/) * [ Wifi ](/docs/plugins/wifi/) * [ Zip ](/docs/plugins/zip/) * [ Cloud ](/docs/cloud/) * [ Live Updates ](/docs/cloud/live-updates/) * Advanced * Integrations * [ Native Builds ](/docs/cloud/native-builds/) * [ Configuration ](/docs/cloud/native-builds/configuration/) * [ Environments ](/docs/cloud/native-builds/environments/) * Guides * [ Sample Projects ](/docs/cloud/native-builds/sample-projects/) * [ Troubleshooting ](/docs/cloud/native-builds/troubleshooting/) * [ Automations ](/docs/cloud/automations/) * [ Assist ](/docs/cloud/assist/) * Account * Organizations * [ Organization and User Management ](/docs/cloud/organizations/memberships/) * [ Single Sign-On (SSO) ](/docs/cloud/organizations/sso/) * [ Teams ](/docs/cloud/organizations/teams/) * [ Two-Factor Authentication ](/docs/cloud/organizations/two-factor-authentication/) * [ Integrations ](/docs/cloud/integrations/) * [ License Keys ](/docs/cloud/license-keys/) * [ Webhooks ](/docs/cloud/webhooks/) * [ Pricing ](https://capawesome.io/pricing/) * [ FAQ ](/docs/cloud/faq/) * [ Support ](/docs/cloud/support/) * [ Contributing ](/docs/contributing/) * [ LLMs ](/docs/llms/) * [ Insiders ](/docs/insiders/) * [ License ](https://capawesome.io/legal/eula/) * [ Support ](/docs/insiders/support/) * [ FAQ ](/docs/insiders/faq/) * [ Blog ](/blog/) * Categories * [ Need Help Migrating? ](#need-help-migrating) * [ Conclusion ](#conclusion) * Related links # Alternative to the Ionic Identity Vault Plugin[¶](#alternative-to-the-ionic-identity-vault-plugin "Permanent link") Looking for a way to protect sensitive data and authenticate users in your Capacitor app? With [Ionic discontinuing](https://ionic.io/blog/important-announcement-the-future-of-ionics-commercial-products) their commercial Identity Vault plugin, developers need reliable alternatives for **biometric authentication** (Face ID, fingerprint) and secure session management. The [Capacitor Biometrics](/docs/plugins/biometrics/) plugin and [Capacitor Secure Preferences](/docs/plugins/secure-preferences/) plugin from Capawesome provide a modern alternative that covers the core functionality of Identity Vault. For a complete walkthrough on the Biometrcis plugin make sure to read [Exploring the Capacitor Biometrics API](/blog/exploring-the-capacitor-biometrics-api/). [ ![Build and deploy your Capacitor app with Capawesome Cloud](../../assets/external/cloud.capawesome.io/assets/banners/cloud-build-and-deploy-capacitor-apps.69628c3f.png) ](/) ## Introduction[¶](#introduction "Permanent link") Ionic Identity Vault combined biometric authentication, encrypted storage, and session management into a single plugin. It allowed developers to store tokens and credentials securely, lock and unlock a vault using Face ID or fingerprint, and automatically clear sensitive data after inactivity. Following Ionic's decision to phase out their commercial products, developers need to find a replacement. The good news is that you can replicate the key features of Identity Vault by combining the [Biometrics](/docs/plugins/biometrics/) plugin and [Secure Preferences](/docs/plugins/secure-preferences/) plugin from Capawesome. Together, they cover biometric authentication, encrypted key-value storage, and can be used to build session management logic tailored to your app. ## Feature Comparison[¶](#feature-comparison "Permanent link") Here's a side-by-side look at how Identity Vault features map to the Capawesome plugins: | Feature | Identity Vault | Capawesome | | ---------------------------- | ---------------------- | --------------------------------------------------------------------------------------------- | | Biometric authentication | Vault.unlock() | [Biometrics.authenticate(...)](/docs/plugins/biometrics/#authenticate) | | Store values | Vault.setValue(...) | [SecurePreferences.set(...)](/docs/plugins/secure-preferences/#set) | | Retrieve values | Vault.getValue(...) | [SecurePreferences.get(...)](/docs/plugins/secure-preferences/#get) | | Remove values | Vault.removeValue(...) | [SecurePreferences.remove(...)](/docs/plugins/secure-preferences/#remove) | | List keys | Vault.getKeys() | [SecurePreferences.keys()](/docs/plugins/secure-preferences/#keys) | | Clear all data | Vault.clear() | [SecurePreferences.clear()](/docs/plugins/secure-preferences/#clear) | | Check biometric availability | Device API | [Biometrics.isAvailable()](/docs/plugins/biometrics/#isavailable) | | Check biometric enrollment | Device API | [Biometrics.isEnrolled()](/docs/plugins/biometrics/#isenrolled) | | Device credential fallback | Vault config | [authenticate(...)](/docs/plugins/biometrics/#authenticate) with allowDeviceCredential option | | Auto-lock on timeout | Built-in | Application logic | | Custom passcode | Built-in vault type | Application logic | | Lock/unlock events | onLock / onUnlock | Application logic | While Identity Vault bundles everything into a single class, the Capawesome approach gives you more flexibility by separating biometric authentication from storage. This makes it easier to use each feature independently and adapt the behavior to your specific needs. AI-Assisted Migration For a more guided experience, add the [Capawesome skills](https://github.com/capawesome-team/skills) to your project with `npx skills add capawesome-team/skills --skill ionic-enterprise-sdk-migration` and use the following prompt with your preferred AI coding assistant: `` [](#%5F%5Fcodelineno-0-1)Use the `ionic-enterprise-sdk-migration` skill from `capawesome-team/skills` to help me migrate from Ionic Identity Vault to Capawesome Biometrics and Secure Preferences. `` ## Migration from Identity Vault[¶](#migration-from-identity-vault "Permanent link") Migrating from Identity Vault involves replacing vault operations with the corresponding Capawesome plugin methods. The following sections walk you through the most common scenarios. ### Installation[¶](#installation "Permanent link") Begin by removing the existing Identity Vault dependency and installing the Capawesome alternatives. To install the [Biometrics](/docs/plugins/biometrics/) plugin, please refer to the [Installation](/docs/plugins/biometrics/#installation) section in the plugin documentation. To install the [Secure Preferences](/docs/plugins/secure-preferences/) plugin, please refer to the [Installation](/docs/plugins/secure-preferences/#installation) section in the plugin documentation. ### Biometric Authentication[¶](#biometric-authentication "Permanent link") Identity Vault uses `Vault.unlock()` to trigger biometric authentication. With Capawesome, you use the [Biometrics](/docs/plugins/biometrics/) plugin's [authenticate(...)](/docs/plugins/biometrics/#authenticate) method directly. **Identity Vault:** `[](#%5F%5Fcodelineno-1-1)import { Vault, DeviceSecurityType, VaultType } from '@ionic-enterprise/identity-vault'; [](#%5F%5Fcodelineno-1-2) [](#%5F%5Fcodelineno-1-3)const vault = new Vault({ [](#%5F%5Fcodelineno-1-4) key: 'com.example.vault', [](#%5F%5Fcodelineno-1-5) type: VaultType.DeviceSecurity, [](#%5F%5Fcodelineno-1-6) deviceSecurityType: DeviceSecurityType.Both, [](#%5F%5Fcodelineno-1-7) lockAfterBackgrounded: 2000, [](#%5F%5Fcodelineno-1-8)}); [](#%5F%5Fcodelineno-1-9) [](#%5F%5Fcodelineno-1-10)const unlock = async () => { [](#%5F%5Fcodelineno-1-11) await vault.unlock(); [](#%5F%5Fcodelineno-1-12)}; ` **Capawesome Biometrics:** `[](#%5F%5Fcodelineno-2-1)import { Biometrics } from '@capawesome-team/capacitor-biometrics'; [](#%5F%5Fcodelineno-2-2) [](#%5F%5Fcodelineno-2-3)const authenticate = async () => { [](#%5F%5Fcodelineno-2-4) await Biometrics.authenticate({ [](#%5F%5Fcodelineno-2-5) title: 'Authenticate', [](#%5F%5Fcodelineno-2-6) subtitle: 'Verify your identity to continue', [](#%5F%5Fcodelineno-2-7) allowDeviceCredential: true, [](#%5F%5Fcodelineno-2-8) }); [](#%5F%5Fcodelineno-2-9)}; ` The [authenticate(...)](/docs/plugins/biometrics/#authenticate) method supports customizable prompts via `title`, `subtitle`, and `cancelButtonText` options. Setting `allowDeviceCredential` to `true` lets users fall back to their device PIN or password if biometrics are unavailable. If authentication fails, you can handle the error and decide whether to keep the session locked or clear sensitive data. ### Storing Values[¶](#storing-values "Permanent link") Identity Vault's `setValue(...)` stores data inside the encrypted vault. With Capawesome, you use the [Secure Preferences](/docs/plugins/secure-preferences/) plugin, which encrypts data using the platform's native secure storage (Android Keystore with AES-256 encryption on Android, Keychain on iOS). **Identity Vault:** `[](#%5F%5Fcodelineno-3-1)import { Vault } from '@ionic-enterprise/identity-vault'; [](#%5F%5Fcodelineno-3-2) [](#%5F%5Fcodelineno-3-3)const storeToken = async (vault: Vault) => { [](#%5F%5Fcodelineno-3-4) await vault.setValue('session_token', 'eyJhbGciOiJIUzI1NiIs...'); [](#%5F%5Fcodelineno-3-5)}; ` **Capawesome Secure Preferences:** `[](#%5F%5Fcodelineno-4-1)import { SecurePreferences } from '@capawesome-team/capacitor-secure-preferences'; [](#%5F%5Fcodelineno-4-2) [](#%5F%5Fcodelineno-4-3)const storeToken = async () => { [](#%5F%5Fcodelineno-4-4) await SecurePreferences.set({ [](#%5F%5Fcodelineno-4-5) key: 'session_token', [](#%5F%5Fcodelineno-4-6) value: 'eyJhbGciOiJIUzI1NiIs...', [](#%5F%5Fcodelineno-4-7) }); [](#%5F%5Fcodelineno-4-8)}; ` ### Retrieving Values[¶](#retrieving-values "Permanent link") **Identity Vault:** `[](#%5F%5Fcodelineno-5-1)import { Vault } from '@ionic-enterprise/identity-vault'; [](#%5F%5Fcodelineno-5-2) [](#%5F%5Fcodelineno-5-3)const getToken = async (vault: Vault) => { [](#%5F%5Fcodelineno-5-4) const token = await vault.getValue('session_token'); [](#%5F%5Fcodelineno-5-5) return token; [](#%5F%5Fcodelineno-5-6)}; ` **Capawesome Secure Preferences:** `[](#%5F%5Fcodelineno-6-1)import { SecurePreferences } from '@capawesome-team/capacitor-secure-preferences'; [](#%5F%5Fcodelineno-6-2) [](#%5F%5Fcodelineno-6-3)const getToken = async () => { [](#%5F%5Fcodelineno-6-4) const { value } = await SecurePreferences.get({ key: 'session_token' }); [](#%5F%5Fcodelineno-6-5) return value; [](#%5F%5Fcodelineno-6-6)}; ` ### Removing Values[¶](#removing-values "Permanent link") **Identity Vault:** `[](#%5F%5Fcodelineno-7-1)import { Vault } from '@ionic-enterprise/identity-vault'; [](#%5F%5Fcodelineno-7-2) [](#%5F%5Fcodelineno-7-3)const removeToken = async (vault: Vault) => { [](#%5F%5Fcodelineno-7-4) await vault.removeValue('session_token'); [](#%5F%5Fcodelineno-7-5)}; ` **Capawesome Secure Preferences:** `[](#%5F%5Fcodelineno-8-1)import { SecurePreferences } from '@capawesome-team/capacitor-secure-preferences'; [](#%5F%5Fcodelineno-8-2) [](#%5F%5Fcodelineno-8-3)const removeToken = async () => { [](#%5F%5Fcodelineno-8-4) await SecurePreferences.remove({ key: 'session_token' }); [](#%5F%5Fcodelineno-8-5)}; ` ### Clearing All Data[¶](#clearing-all-data "Permanent link") **Identity Vault:** `[](#%5F%5Fcodelineno-9-1)import { Vault } from '@ionic-enterprise/identity-vault'; [](#%5F%5Fcodelineno-9-2) [](#%5F%5Fcodelineno-9-3)const clearVault = async (vault: Vault) => { [](#%5F%5Fcodelineno-9-4) await vault.clear(); [](#%5F%5Fcodelineno-9-5)}; ` **Capawesome Secure Preferences:** `[](#%5F%5Fcodelineno-10-1)import { SecurePreferences } from '@capawesome-team/capacitor-secure-preferences'; [](#%5F%5Fcodelineno-10-2) [](#%5F%5Fcodelineno-10-3)const clearAll = async () => { [](#%5F%5Fcodelineno-10-4) await SecurePreferences.clear(); [](#%5F%5Fcodelineno-10-5)}; ` ### Session Management[¶](#session-management "Permanent link") One of Identity Vault's built-in features is automatic session locking after a period of inactivity or when the app goes to the background. With Capawesome, you can build the same behavior using Capacitor's [App](https://capacitorjs.com/docs/apis/app) plugin combined with the [Biometrics](/docs/plugins/biometrics/) and [Secure Preferences](/docs/plugins/secure-preferences/) plugins. Here's an example of how to implement auto-lock when the app is backgrounded: `[](#%5F%5Fcodelineno-11-1)import { App } from '@capacitor/app'; [](#%5F%5Fcodelineno-11-2)import { Biometrics } from '@capawesome-team/capacitor-biometrics'; [](#%5F%5Fcodelineno-11-3)import { SecurePreferences } from '@capawesome-team/capacitor-secure-preferences'; [](#%5F%5Fcodelineno-11-4) [](#%5F%5Fcodelineno-11-5)let locked = false; [](#%5F%5Fcodelineno-11-6) [](#%5F%5Fcodelineno-11-7)App.addListener('appStateChange', async ({ isActive }) => { [](#%5F%5Fcodelineno-11-8) if (!isActive) { [](#%5F%5Fcodelineno-11-9) locked = true; [](#%5F%5Fcodelineno-11-10) } [](#%5F%5Fcodelineno-11-11) if (isActive && locked) { [](#%5F%5Fcodelineno-11-12) try { [](#%5F%5Fcodelineno-11-13) await Biometrics.authenticate({ [](#%5F%5Fcodelineno-11-14) title: 'Welcome back', [](#%5F%5Fcodelineno-11-15) subtitle: 'Authenticate to unlock', [](#%5F%5Fcodelineno-11-16) allowDeviceCredential: true, [](#%5F%5Fcodelineno-11-17) }); [](#%5F%5Fcodelineno-11-18) locked = false; [](#%5F%5Fcodelineno-11-19) } catch (error) { [](#%5F%5Fcodelineno-11-20) // Authentication failed - keep locked or sign out [](#%5F%5Fcodelineno-11-21) } [](#%5F%5Fcodelineno-11-22) } [](#%5F%5Fcodelineno-11-23)}); ` This gives you full control over when and how to lock the session, including custom timeout logic or clearing stored data on failed authentication. ## Need Help Migrating?[¶](#need-help-migrating "Permanent link") If you'd rather not handle the migration yourself, the Capawesome team can take care of it for you. Whether you're dealing with a straightforward swap or a more complex setup with custom session management, we offer dedicated migration services to get you up and running with minimal downtime and effort on your end. [Book a Free Consultation](https://cal.com/team/capawesome/ionic-appflow-migration) ## Conclusion[¶](#conclusion "Permanent link") The discontinuation of Ionic Identity Vault doesn't have to disrupt your workflow. The [Capacitor Biometrics](/docs/plugins/biometrics/) plugin and [Secure Preferences](/docs/plugins/secure-preferences/) plugin provide a solid alternative for biometric authentication, encrypted storage, and session management. For the full plugin documentation, see the [API Reference](/docs/plugins/biometrics/#api). **Related reading:** * [Exploring the Capacitor Biometrics API](/blog/exploring-the-capacitor-biometrics-api/) * [How to Securely Store Credentials with Capacitor](/blog/how-to-securely-store-credentials-with-capacitor/) * [Announcing the Capacitor Biometrics Plugin](/blog/announcing-the-capacitor-biometrics-plugin/) **Stay updated:** To stay updated with the latest updates, features, and news about Capawesome, Capacitor, and the Ionic ecosystem subscribe to our [Capawesome newsletter](/newsletter/). **Need help migrating from Identity Vault?** [Contact us](mailto:support@capawesome.io) to get started. May 7, 2026 Back to top