The Amplify Auth category persists authentication-related information to make it available to other Amplify categories and to your application.

Amplify Flutter securely handles credentials and user identity information. You do not need to store, refresh, or delete credentials yourself. Amplify Flutter handles these operations using platform capabilities such as [Keychain Services](https://developer.apple.com/documentation/security/keychain_services/) on iOS and macOS and [EncryptedSharedPreferences](https://developer.android.com/reference/androidx/security/crypto/EncryptedSharedPreferences) on Android.

Some platform specific option can be customized with the out of the box options. In the example below, credentials will be stored in-memory on Web instead of the default behavior of using browser storage.

```dart
await Amplify.addPlugin(
  AmplifyAuthCognito(
    secureStorageFactory: AmplifySecureStorage.factoryFrom(
      webOptions: WebSecureStorageOptions(
        persistenceOption: WebPersistenceOption.inMemory,
      ),
    ),
  ),
);
```

If you would like further customization, you can provide your own factory for creating `SecureStorageInterface` instances to `AmplifyAuthCognito`. The example below shows the use of a custom implementation that stores data in-memory on all platforms.

```dart
await Amplify.addPlugin(
  AmplifyAuthCognito(secureStorageFactory: InMemoryStorage.new),
);
```

```dart
class InMemoryStorage implements SecureStorageInterface {
  InMemoryStorage(this.scope);

  /// The scope of the item being stored.
  ///
  /// This can be used as a namespace for stored items.
  final AmplifySecureStorageScope scope;

  static final Map<String, String> _data = {};

  @override
  void write({required String key, required String value}) {
    _data['${scope.name}.$key'] = value;
  }

  @override
  String? read({required String key}) {
    return _data['${scope.name}.$key'];
  }

  @override
  void delete({required String key}) {
    _data.remove('${scope.name}.$key');
  }
}
```