Create Method (OfflineWebApplicationConnection, String, String, String, PasswordProtectedPackage)

Asks HealthVault to create a pending package for the application specified by the connection with the specified user specific parameters.

Namespace: Microsoft.Health.Package
Assembly: Microsoft.Health (in Microsoft.Health.dll) Version: (1.15.1003.9505)

public static string Create(
	OfflineWebApplicationConnection connection,
	string friendlyName,
	string securityQuestion,
	string applicationPatientId,
	PasswordProtectedPackage connectPackage


Type: Microsoft.Health.Web..::..OfflineWebApplicationConnection
The application connection to HealthVault. The application ID in the connection is used when making the patient connection.
Type: System..::..String
A friendly name for the patient connection which will be shown to the user when they go to HealthVault Shell to validate the connection.
Type: System..::..String
A question (usually provided by the patient) to which the patient must provide the answer when they go to validate the connection in the HealthVault Shell.
Type: System..::..String
The application specific identifier for the user. This identifier is used to uniquely identify the user in the application data storage whereas the HealthVault person ID is used to identify the person in HealthVault.
Type: Microsoft.Health.ItemTypes..::..PasswordProtectedPackage
The pending connect package that the user will add to his/her record. This package's Blob must be an encrypted and Base64 encoded blob of xml that represents a list of HealthRecordItems. This xml blob must be a sequence of elements, each wrapping the XML representation of a single HealthRecordItem. Each element may be generated by calling GetItemXml()()()().

Return Value

A token that the application must give to the patient to use when validating the connection request.

The password protected package supports 2 encryption algorithms, AES256 (recommended) and TripleDES.

For AES256, the supported key size is 256 bits, the blocksize is 256 bits, the IV length is 32 bytes.

For TripleDES, the supported key size is 192 bits, the blocksize is 64 bits, the IV length is 8 bytes.

The encryption key should be derived using the answer, the salt, and the number of hash iterations. The decryption will generate this key via the Rfc2898DeriveBytes class, hence, encryption should use a similar or identical process. To ensure case-insensitivity, the answer should be converted to its lower cased form using ToLowerInvariant()()()() (culturally-agnostic) prior to generating the derived key.

The algorithm used has the following parameters:
  • Mode = CipherMode.CBC
  • Padding = PaddingMode.ISO10126

The salt supplied is used as the salt to the derived key as well as the key to the supplied HMAC. The salt should be at least 8 bytes long.

It is recommended that the number of hash iterations be at least 10000.

System..::..ArgumentNullException If connection is null.
System..::..ArgumentException If friendlyName, securityQuestion, applicationPatientId, or connectPackage is null or empty.
Microsoft.Health..::..HealthServiceException If an error occurs when contacting HealthVault.