From cd1ab4c4dbe40c836d826356084c8b102e174e78 Mon Sep 17 00:00:00 2001 From: Rick Anderson <3605364+Rick-Anderson@users.noreply.github.com> Date: Mon, 27 Feb 2023 14:07:33 -1000 Subject: [PATCH] Update key-storage-ephemeral.md (#28485) --- .../data-protection/implementation/key-storage-ephemeral.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/aspnetcore/security/data-protection/implementation/key-storage-ephemeral.md b/aspnetcore/security/data-protection/implementation/key-storage-ephemeral.md index c96a20f3fb..39ec227b89 100644 --- a/aspnetcore/security/data-protection/implementation/key-storage-ephemeral.md +++ b/aspnetcore/security/data-protection/implementation/key-storage-ephemeral.md @@ -12,7 +12,7 @@ uid: security/data-protection/implementation/key-storage-ephemeral There are scenarios where an application needs a throwaway `IDataProtectionProvider`. For example, the developer might just be experimenting in a one-off console application, or the application itself is transient (it's scripted or a unit test project). To support these scenarios the [Microsoft.AspNetCore.DataProtection](https://www.nuget.org/packages/Microsoft.AspNetCore.DataProtection/) package includes a type `EphemeralDataProtectionProvider`. This type provides a basic implementation of `IDataProtectionProvider` whose key repository is held solely in-memory and isn't written out to any backing store. -Each instance of `EphemeralDataProtectionProvider` uses its own unique master key. Therefore, if an `IDataProtector` rooted at an `EphemeralDataProtectionProvider` generates a protected payload, that payload can only be unprotected by an equivalent `IDataProtector` (given the same [purpose](xref:security/data-protection/consumer-apis/purpose-strings#data-protection-consumer-apis-purposes) chain) rooted at the same `EphemeralDataProtectionProvider` instance. +Each instance of `EphemeralDataProtectionProvider` uses its own unique primary key. Therefore, if an `IDataProtector` rooted at an `EphemeralDataProtectionProvider` generates a protected payload, that payload can only be unprotected by an equivalent `IDataProtector` (given the same [purpose](xref:security/data-protection/consumer-apis/purpose-strings#data-protection-consumer-apis-purposes) chain) rooted at the same `EphemeralDataProtectionProvider` instance. The following sample demonstrates instantiating an `EphemeralDataProtectionProvider` and using it to protect and unprotect data.