Desktop Functions:

   Smart Device Functions:

Show Recent Changes
Subscribe (RSS)
Misc. Pages
1` DF
Helpful Tools
Suggested Reading
Website TODO List
Download Visual Studio Add-In

CoInitializeSecurity (ole32)
Registers security and sets the default security values for the process, but this can't be directly called from managed code.

C# Signature:

static extern int CoInitializeSecurity(IntPtr pVoid, int cAuthSvc,
   SOLE_AUTHENTICATION_SERVICE [] asAuthSvc, IntPtr pReserved1,
   uint dwAuthnLevel, uint dwImpLevel, IntPtr pAuthList, uint dwCapabilities,
   IntPtr pReserved3);

VB .NET Signature:

Declare Function CoInitializeSecurity
   pVoid As IntPtr, _
   cAuthSvc As Integer, asAuthSvc() As SOLE_AUTHENTICATION_SERVICE, _
   pReserved1 As IntPtr, dwAuthnLevel As Integer, dwImpLevel As Integer, _
   pAuthList As IntPtr, dwCapabilities As Integer, pReserved3 As IntPtr) As Integer

User-Defined Types:



You shouldn't call CoInitializeSecurity from managed code. That's because the CLR will almost always call CoInitialize upon startup before execution enters your main method, and CoInitialize will implicitly call CoInitializeSecurity if it hasn't already been called. Therefore, calling this from managed code will usually return RPC_E_TOO_LATE.

The workaround is to write an unmanaged "shim" that will call CoInitializeSecurity, then activate and call into managed code. You can do this via an export from a mixed-mode C++ DLL, by registering a managed component for use by COM, or by using the CLR hosting API.

I have been able to reliably call CoInitializeSecurity from within the Main method of a managed (C#) application. There are two caveats:

  • You cannot have any assembly level attributes which are defined in another assembly. This causes the Attribute object to be created, and hence a COM call.
  • You cannot instantiate any objects in the Main method that are defined in another assembly. This involves a COM call.

To get around the second caveat, simply move all your code (except the CoInitializeSecurity call) into another procedure and call that.


static void Main()

   // Do something that causes the other assembly to be loaded.
   MyCOMObjectInAnotherAssembly myObject = new MyCOMObjectInAnotherAssembly();
   // other code here...


static void Main()


private static void PerformOtherWork()
   // Do something that causes the other assembly to be loaded.
   MyCOMObjectInAnotherAssembly myObject = new MyCOMObjectInAnotherAssembly();
   // other code here...

This advice below may not work reliably in v1.0 and v1.1 and will not work in the Whidbey (v2.0) product:

To use CoInitializeSecurity from a Windows Form Application, remove the STAThread attribute from the Main function, then call :

   System.Threading.Thread.CurrentThread.ApartmentState = ApartmentState.STA

It sets the apartment state, then make the call to CoInitializeSecurity.

Alternative Managed API:

Do you know one? Please contribute it!


Please edit this page!

Do you have...

  • helpful tips or sample code to share for using this API in managed code?
  • corrections to the existing content?
  • variations of the signature you want to share?
  • additional languages you want to include?

Select "Edit This Page" on the right hand toolbar and edit it! Or add new pages containing supporting types needed for this API (structures, delegates, and more).

Access directly from VS:
Terms of Use
Find References
Show Printable Version