diff --git a/src/content/docs/plugin/biometric.mdx b/src/content/docs/plugin/biometric.mdx
index d3a9c903dd..9a66165717 100644
--- a/src/content/docs/plugin/biometric.mdx
+++ b/src/content/docs/plugin/biometric.mdx
@@ -89,16 +89,16 @@ In the `src-tauri/Info.ios.plist` file, add the following snippet:
-
- NSFaceIDUsageDescription
- Authenticate with biometric
-
+
+ NSFaceIDUsageDescription
+ Authenticate with biometric
+
```
## Usage
-This plugin enables you to verify the availability of Biometric Authentication on a device, prompt the user for biometric authentication, and check the result to determine if the authentication was successful or not.
+This plugin enables you to verify the availability of Biometric Authentication on a device, prompt the user for biometric authentication, and check the result to determine if the authentication was successful or not. On Android, it also allows you to encrypt/decrypt data using assymmetric keys that can be accessed only if the user authenticates using their registered biometric authentication method.
### Check Status
@@ -213,6 +213,108 @@ fn bio_auth(app_handle: tauri::AppHandle) {
+### Biometric protected cryptography
+
+:::caution[Android-only feature]
+This feature is available only for Android.
+:::
+
+To encrypt/decrypt data using an asymmetric cryptography method that is protected behind the user Biometric Authentication, utilize the `biometricCipher()` method.
+
+
+
+
+
+```javascript
+import { biometricCipher } from '@tauri-apps/plugin-biometric';
+
+// Encrypts data
+const encryptOptions = {
+ // ... other options
+ dataToEncrypt: getOriginalData(),
+};
+
+try {
+ const encrypted = await biometricCipher(
+ 'Passwordless authentication',
+ encryptOptions
+ );
+ console.log(
+ 'Hooray! Successfully encrypted data! We can now store it to decrypt later, when needed'
+ );
+} catch (err) {
+ console.log('Oh no! Authentication failed because ' + err.message);
+}
+
+// Decrypts data back to the original
+const decryptOptions = {
+ // ... other options
+ dataToDecrypt: encrypted.data,
+};
+
+try {
+ const original = await biometricCipher(
+ 'Passwordless authentication',
+ decryptOptions
+ );
+ console.log(
+ 'Hooray! Successfully decrypted data after the user authenticated with their biometric method.'
+ );
+ const valid = originalData() == dataToDecrypt.data;
+} catch (err) {
+ console.log('Oh no! Authentication failed because ' + err.message);
+}
+```
+
+
+
+
+
+```rust
+use tauri_plugin_biometric::{BiometricExt, AuthOptions};
+
+fn bio_cipher(app_handle: tauri::AppHandle, original_data: Option) {
+
+ let encrypt_options = AuthOptions {
+ // ... other options
+ data_to_encrypt: original_data.unwrap()
+ };
+
+ // if the encryption was successful, the function returns Result::Ok(CipherResult)
+ // otherwise returns Result::Error()
+ match app_handle.biometric().biometric_cipher("Passwordless authentication".to_string(), encrypt_options) {
+ Ok(encrypted) => {
+ println!("Hooray! Successfully Authenticated! We can now perform the locked Tauri function!");
+ }
+ Err(e) => {
+ println!("Oh no! Authentication failed because : {e}");
+ }
+ }
+
+ let decrypt_options = AuthOptions {
+ // ... other options
+ data_to_decrypt: encrypted.data
+ };
+
+ // if the encryption was successful, the function returns Result::Ok(CipherResult)
+ // otherwise returns Result::Error()
+ match app_handle.biometric().biometric_cipher("Passwordless authentication".to_string(), decrypt_options) {
+ Ok(decrypted) => {
+ println!("Hooray! Successfully Authenticated! We can now perform the locked Tauri function!");
+ }
+ Err(e) => {
+ println!("Oh no! Authentication failed because : {e}");
+ }
+ }
+
+ assert_equal!(decrypted.data, original_data.unwrap());
+
+}
+```
+
+
+
+
## Permissions
By default all potentially dangerous plugin commands and scopes are blocked and cannot be accessed. You must modify the permissions in your `capabilities` configuration to enable these.