React Native Keychain Access

Common errors

• IllegalBlockSizeException on Android while decrypting

  cause Occurred due to issues with encryption/decryption keys or data padding on Android.
  fix This issue was specifically addressed and fixed in `react-native-keychain` version 9.2.1. Upgrade to version 9.2.1 or newer.

• Incompatibility between react-native-keychain Versions 8.2.0 and 9.0.0 for getGenericPassword

  cause A specific incompatibility was introduced between these major versions affecting `getGenericPassword` calls.
  fix This issue was resolved in `react-native-keychain` version 9.2.3. Upgrade to version 9.2.3 or newer to fix the incompatibility.

• Invariant Violation: `new NativeEventEmitter()` was called with a non-null argument but no `addListener` method was found on the passed-in native module.

  cause Often indicates that the native module isn't correctly linked or initialized for the target platform, or an issue with React Native's native module bridge.
  fix Ensure `react-native link` (for older RN versions) or autolinking is working. Clean your project (e.g., `cd ios && pod cache clean --all && rm -rf build && pod install`), clear Metro cache (`npm start -- --reset-cache`), and rebuild the app.

• Xcode Build Error: 'React/RCTBridgeModule.h' file not found

  cause Common issue in iOS builds where CocoaPods dependencies are not correctly installed or linked, often after `react-native-keychain` installation.
  fix Navigate to your `ios` directory and run `pod install`. If issues persist, try `pod deintegrate && pod clean && pod install`, then clean the Xcode build folder.

Warnings

• breaking Version 10.0.0 introduces a breaking change requiring `minAndroidSdk` to be 23 or higher. Applications targeting older Android API levels will not build or function correctly.
  Fix: Update your `minAndroidSdk` in `android/app/build.gradle` to at least 23.
• breaking The deprecated FacebookConceal integration and library warmup methods were removed in v10.0.0. If your application relied on these, they must be removed from your codebase.
  Fix: Remove any calls to `library warmup` as autolinking handles initialization. If using `FacebookConceal`, consider staying on an older version or migrating to a different encryption method.
• gotcha For biometric authentication features (e.g., Face ID), iOS requires the `NSFaceIDUsageDescription` key in your `Info.plist` with a user-facing explanation of why the app needs Face ID access. Failure to include this will result in a runtime crash when attempting to use Face ID.
  Fix: Add `<key>NSFaceIDUsageDescription</key><string>Your privacy message here</string>` to your `ios/YourApp/Info.plist` file.
• gotcha Older versions of `react-native-keychain` had compatibility issues with specific React Native versions (e.g., 0.69-0.71, 0.73), leading to build failures or unexpected behavior.
  Fix: Always ensure you are on the latest stable version of `react-native-keychain` to benefit from compatibility fixes with recent React Native releases. Check the changelog for specific version requirements.
• deprecated On Android, `SharedPreferences` for storage was replaced by Jetpack `DataStore` in v9.2.0 for enhanced security and performance. While migration is seamless, be aware of the underlying change.
  Fix: No direct fix required for existing installations as migration is automatic, but new implementations should understand DataStore is the backend.

Install

• npm install react-native-keychain npm
• yarn add react-native-keychain yarn
• pnpm add react-native-keychain pnpm

Imports

• Keychain
  wrong:

  const Keychain = require('react-native-keychain');

  correct:

  import * as Keychain from 'react-native-keychain';

  Common pattern for accessing all module functions. The library ships with TypeScript types.
• getGenericPassword
  wrong:

  import getGenericPassword from 'react-native-keychain';

  correct:

  import { getGenericPassword } from 'react-native-keychain';

  This is a named export, not a default export.
• ACCESSIBLE
  wrong:

  import { Accessible } from 'react-native-keychain';

  correct:

  import { ACCESSIBLE, SECURITY_LEVEL } from 'react-native-keychain';

  Constants for configuring keychain item accessibility and security levels are named exports and typically uppercase.

Quickstart

Demonstrates how to store, retrieve, and reset generic credentials (username/password) using `react-native-keychain` with specific access control and security levels.

import * as Keychain from 'react-native-keychain';

async function storeAndRetrieveCredentials(username: string, password_input: string) {
  try {
    // Store the credentials
    await Keychain.setGenericPassword(username, password_input, {
      service: 'myAppService',
      accessControl: Keychain.ACCESSIBLE.WHEN_UNLOCKED_THIS_DEVICE_ONLY,
      securityLevel: Keychain.SECURITY_LEVEL.SECURE_SOFTWARE
    });
    console.log('Credentials successfully stored!');

    // Retrieve the credentials
    const credentials = await Keychain.getGenericPassword({
      service: 'myAppService'
    });

    if (credentials) {
      console.log('Credentials successfully loaded for user ' + credentials.username);
      console.log('Password is ' + credentials.password);
      // In a real app, you would use these credentials, not log the password directly.
    } else {
      console.log('No credentials stored.');
    }

    // Example of resetting credentials
    await Keychain.resetGenericPassword({ service: 'myAppService' });
    console.log('Credentials successfully reset!');

  } catch (error) {
    console.error('Keychain operation failed', error);
  }
}

// Example usage:
// Use environment variables or secure inputs in a real application
const myUsername = process.env.KEYCHAIN_USERNAME ?? 'testuser';
const myPassword = process.env.KEYCHAIN_PASSWORD ?? 'supersecretpassword';

storeAndRetrieveCredentials(myUsername, myPassword);