Patent attributes
A personal credential store that aggregates a number of physical credential stores beneath an application programming interface (API) and offers tag-based credential look-up. The API of the disclosed system runs on the user's client system, and effectively hides the underlying credential store types from applications using it. The tags used to look up credentials through the API may advantageously include or consist of unique identifiers indicating the functional purpose of the desired credential. The types of physical credential store aggregated together under the disclosed API may include a local credential store, a network-resident private credential store that may be shared across multiple client systems operated by a single user, and a network-resident shareable credential store, that may be used by processes acting on behalf of the user, and/or shared by multiple users.