Data is not removed when user uninstall the IOS app but its working fine in Android side.

[MohsinIkram777]

I'm saving user credentails in the secure stoage and when user unistall the app without logout then install the app again then the excepted behaivor is user moved to login screen because all data cleared when user uniinstall the app.

But its not working in IOS side. User is going to dashboard screen as data is not cleared. But In Android side its working great. User moved to login screen.

Let me know if you have fixed it in the any latest version or any proper solution you have? Need your swift response we are going to live in this week. Thanks

[KrsticM]

I have same problem. Have you found any solution?

[diipak-singh]

Keychain data can persist across app uninstalls unless explicitly cleared, whereas Android typically wipes all app-associated data, including secure storage, upon uninstallation. I’ve encountered a similar issue before and resolved it by implementing a simple workaround. The solution involves using a flag stored in shared preferences (or a similar lightweight storage mechanism) to detect whether the app has been reinstalled.

1. When the app is first installed or launched, set a flag (e.g., isAppInstalled) in shared preferences.
2. On app start, check if the flag exists.
3. If missing (reinstall detected), manually clear all data with deleteAll
4. Set the flag again after clearing.

[MohsinIkram777]

@diipak-singh yeah, I have already implemented this solution. I'm clearning the auth on the basis of that flag. Thanks for your input.

[MohsinIkram777]

@KrsticM I have fixed by this code -> just add this dependency into pubspecs file-> shared_preferences

and call this method into the Main.dart file

clearSecureStorageOnReinstall() async {
  String key = 'hasRunBefore';
  SharedPreferences prefs = await SharedPreferences.getInstance();

  if (!(prefs.getBool(key) ?? false)) {
    await UserPreferences.logoutUser(); //Remove auth credentails here
    prefs.setBool(key, true);
  }
}

[diipak-singh]

@KrsticM I have fixed by this code -> just add this dependency into pubspecs file-> shared_preferences

and call this method into the Main.dart file

clearSecureStorageOnReinstall() async {
  String key = 'hasRunBefore';
  SharedPreferences prefs = await SharedPreferences.getInstance();

  if (!(prefs.getBool(key) ?? false)) {
    await UserPreferences.logoutUser(); //Remove auth credentails here
    prefs.setBool(key, true);
  }
}

you should also delete the data as well from flutter secure storage if you find out that app is fresh installed something like FlutterSecureStorage().deleteAll(iOptions: _getIOSoptions())

[akrutipanchal]

Any update on this? As this is a security risk if we use any third party tools for testing purpose.

[vanyasem]

I'm not sure if there's anything a plugin can do AFAIK there's no way to run an action "on app uninstall", iOS doesn't provide such a callback And iOS keeps all values in the keystore when the app is uninstalled - it's an iOS feature Only shared preferences & app's files are cleared on uninstall You can implement your own encryption and store sensitive values in encrypted form in shared preferences, or in a separate file in app's data directory, but this seems out of scope of this package

Android doesn't have a system-wide keystore, which is why it isn't an issue there It has nothing to do with the package itself

[vanyasem]

See https://stackoverflow.com/questions/4747404/delete-keychain-items-when-an-app-is-uninstalled for more details

[hectorAguero]

This issue should be as important notice on readme in case it won't be fixed.

Maybe the package can be able to handle this by using UserDefaults on iOS, so it set's the hasRunBefore flag and clear the Keychain values when the flag wasn't found.

[github-actions[bot]]

⚠️ This issue has been marked as stale because it has been open for 60 days with no activity.

If this issue is still relevant, please comment to keep it active. Otherwise, it will be closed in 60 days.