CredUIPromptForWindowsCredentials Function (Windows)

CredUIPromptForWindowsCredentials F...

CredUIPromptForWindowsCredentials Function

The CredUIPromptForWindowsCredentials function creates and displays a configurable dialog box that allows users to supply credential information by using any credential provider installed on the local computer.

Syntax

C++

DWORD WINAPI CredUIPromptForWindowsCredentials(
  __in_opt     PCREDUI_INFO pUiInfo,
  __in         DWORD dwAuthError,
  __inout      ULONG *pulAuthPackage,
  __in_opt     LPCVOID pvInAuthBuffer,
  __in         ULONG ulInAuthBufferSize,
  __out        LPVOID *ppvOutAuthBuffer,
  __out        ULONG *pulOutAuthBufferSize,
  __inout_opt  BOOL *pfSave,
  __in         DWORD dwFlags
);

Parameters

pUiInfo [in, optional]

A pointer to a CREDUI_INFO structure that contains information for customizing the appearance of the dialog box that this function displays.

If the hwndParent member of the CREDUI_INFO structure is not NULL, this function displays a modal dialog box centered on the parent window.

If the hwndParent member of the CREDUI_INFO structure is NULL, the function displays a dialog box centered on the screen.

This function ignores the hbmBanner member of the CREDUI_INFO structure.

dwAuthError [in]

A Windows error code, defined in WinError.h, that is displayed in the dialog box. If credentials previously collected were not valid, the caller uses this parameter to pass the error message from the API that collected the credentials (for example, Winlogon) to this function. The corresponding error message is formatted and displayed in the dialog box. Set the value of this parameter to zero to display no error message.

pulAuthPackage [in, out]

On input, the value of this parameter is used to specify the authorization package for which the credentials in the pvInAuthBuffer buffer are serialized. If the value of pvInAuthBuffer is NULL and the CREDUIWIN_AUTHPACKAGE_ONLY flag is set in the dwFlags parameter, only credential providers capable of serializing credentials for the specified authentication package are to be enumerated.

To get the appropriate value to use for this parameter on input, call the LsaLookupAuthenticationPackage function and use the value of the AuthenticationPackage parameter of that function.

On output, this parameter specifies the authentication package for which the credentials in the ppvOutAuthBuffer buffer are serialized.

pvInAuthBuffer [in, optional]

A pointer to a credential BLOB that is used to populate the credential fields in the dialog box. Set the value of this parameter to NULL to leave the credential fields empty.

ulInAuthBufferSize [in]

The size, in bytes, of the pvInAuthBuffer buffer.

ppvOutAuthBuffer [out]

The address of a pointer that, on output, specifies the credential BLOB. For Kerberos, NTLM, or Negotiate credentials, call the CredUnPackAuthenticationBuffer function to convert this BLOB to string representations of the credentials.

When you have finished using the credential BLOB, clear it from memory by calling the SecureZeroMemory function, and free it by calling the CoTaskMemFree function.

pulOutAuthBufferSize [out]

The size, in bytes, of the ppvOutAuthBuffer buffer.

pfSave [in, out, optional]

A pointer to a Boolean value that, on input, specifies whether the Save check box is selected in the dialog box that this function displays. On output, the value of this parameter specifies whether the Save check box was selected when the user clicks the Submit button in the dialog box. Set this parameter to NULL to ignore the Save check box.

This parameter is ignored if the CREDUIWIN_CHECKBOX flag is not set in the dwFlags parameter.

dwFlags [in]

A value that specifies behavior for this function. This value can be a bitwise-OR combination of one or more of the following values.

Value	Meaning
CREDUIWIN_GENERIC 0x1	The caller is requesting that the credential provider return the user name and password in plain text. This value cannot be combined with SECURE_PROMPT.
CREDUIWIN_CHECKBOX 0x2	The Save check box is displayed in the dialog box.
CREDUIWIN_AUTHPACKAGE_ONLY 0x10	Only credential providers that support the authentication package specified by the pulAuthPackage parameter should be enumerated. This value cannot be combined with CREDUIWIN_IN_CRED_ONLY.
CREDUIWIN_IN_CRED_ONLY 0x20	Only the credentials specified by the pvInAuthBuffer parameter for the authentication package specified by the pulAuthPackage parameter should be enumerated. If this flag is set, and the pvInAuthBuffer parameter is NULL, the function fails. This value cannot be combined with CREDUIWIN_AUTHPACKAGE_ONLY.
CREDUIWIN_ENUMERATE_ADMINS 0x100	Credential providers should enumerate only administrators. This value is intended for User Account Control (UAC) purposes only. We recommend that external callers not set this flag.
CREDUIWIN_ENUMERATE_CURRENT_USER 0x200	Only the incoming credentials for the authorization package specified by the pulAuthPackage parameter should be enumerated.
CREDUIWIN_SECURE_PROMPT 0x1000	The credential dialog box should be displayed on the secure desktop. This value cannot be combined with CREDUIWIN_GENERIC. Windows Vista: This value is not supported until Windows Vista with SP1.
CREDUIWIN_PACK_32_WOW 0x10000000	The credential provider should align the credential BLOB pointed to by the ppvOutAuthBuffer parameter to a 32-bit boundary, even if the provider is running on a 64-bit system.

Return Value

If the function succeeds, the function returns ERROR_SUCCESS. If the function is canceled by the user, it returns ERROR_CANCELLED. Any other return value indicates that the function failed to load.

Requirements

Minimum supported client	Windows Vista
Minimum supported server	Windows Server 2008
Header	WinCred.h
Library	Credui.lib
DLL	Credui.dll
Unicode and ANSI names	CredUIPromptForWindowsCredentialsW (Unicode) and CredUIPromptForWindowsCredentialsA (ANSI)

Send comments about this topic to Microsoft

Build date: 6/26/2009