Windows 10 Undocumented Credential Providers API

811 views Asked by At

I am developing a credential provider. It is working fine, but on one of debugging stages I have been tracing calls to my provider's QueryInterface method and have found some interesting IID's it has been asked for:

Intrface IID: 8A4E89FE-C09D-475E-88CB-F8F11E047C50
Intrface IID: 4A54A3B6-A8D3-46A8-9080-811BA8CCB07D
Intrface IID: AC9888CD-1278-4D00-A05E-7B052C014553
Intrface IID: 5881C1A8-5B25-41AB-9311-750F996C8615
Intrface IID: F6247CF9-061D-46E7-AAA7-0FDE071A5C1A
Intrface IID: A09BCC29-D779-4513-BB59-B4DB5D82D2B6

Some of them have traces inside of credprovhost.dll and I can make some suggestions:

Intrface IID: 4A54A3B6-A8D3-46A8-9080-811BA8CCB07D
Possible call method: ICredentialProviderCredential4::GetTextFieldLength

Intrface IID: AC9888CD-1278-4D00-A05E-7B052C014553
Possible call method: ICredentialProviderCredentialWithHiddenCredUISubmitButton::ShouldHideCredUISubmitButton

Intrface IID: 5881C1A8-5B25-41AB-9311-750F996C8615
Possible call method: ICredentialProviderCredentialWithDisabledCredUISubmitButton::ShouldDisableCredUISubmitButton

Intrface IID: F6247CF9-061D-46E7-AAA7-0FDE071A5C1A
Possible call method: ICredentialProviderCredentialTileDataInfo::GetTileVisibility

Intrface IID: A09BCC29-D779-4513-BB59-B4DB5D82D2B6
Possible call method: ICredentialProviderWithDisplayState::SetDisplayState

But this one 8A4E89FE-C09D-475E-88CB-F8F11E047C50 have no any traces around call for it and appears only in Windows 10.

What could it be????? Any suggestions, please.

1

There are 1 answers

1
Geoff Chappell On BEST ANSWER

No, you won't find this one's symbols from any amount of looking at credprovhost. It's IAutoLogonProvider, with just the one (non-IUnknown) method SetAutoLogonManager. One way to have found this for yourself is to look at the symbols for Microsoft's credential providers.

This bit of free (if late) information for you looks like it will soon be this interface's first appearance in text as known to Google. The three matches that Google finds just now are just someone's automated PDB dumps. I suppose such dumps are worth something, but I also suspect that many more people know more about this stuff but just aren't saying.