No search results...
F3: search down. SHIFT+F3: search up
(
Latest:
v3.0
)
v3.0 (latest)
v2.9
v2.8
v2.7
v2.6
v2.5
v2.4
v2.3
v2.2
v2.1
v2.0
CLI Installation
Setup
Requirements
Initializing the Approov CLI
Installation on Linux
Installation on MacOS
Installation on Windows
Installation using Brew
Reference Guide
Getting Started With Approov
Exploring Other Approov Features
Account Access Roles
Passwords
Installing on Another Machine
Account Access Recovery
Migrating to Account Access Roles
Approov Architecture
Key Components
Detection Capabilities
Dynamic Pinning
What is Pinning
Static Pinning Issues
How Dynamic Pinning Works
Security Rules Updates
Cloud Server Redundancy
Frontend App Integration
Android Specific
Targeting Android 11 and Above
Isolated Process Capability
Android Obfuscation
Use on Emulator
iOS Specific
Use on Simulator
Bitcode Mode Management
Getting the Initial SDK Configuration
Getting the Extended SDK Configuration
Handling Multiple Accounts
Approov Fetch Status
Fetch Latency
Attestation Response Code
Decoding an Attestation Response Code
Rejection Reasons
Managing API Domains
Overview
Adding API Domains
Keyset Key API Addition
Adding No Approov Token Domains
Listing API Domains
Removing API Domains
Setting Wildcard Mode
Adding Demonstration Shapes API
Managing Registrations
Android App Signing Certificates
Huawei AppGallery App Signing Certificates
iOS IPA Extraction
Registering an App
Android Registration Considerations
iOS Registration Considerations
Temporary Registrations
Updating Registration Expiry
Unversioned Registrations
Listing Registrations
Removing Registrations
Removing Multiple Registrations
Testing Android App Bundles
Annotating a Registration
Special Library Registration
Registration From Device
Registration Cloning
Approov Tokens
Token Format
JWS Token Signing
JWE Token Encryption
Token Lifespan
Token Claims
Obtaining Additional Token Information
Reporting Token Misuse
Checking Token Validity
Loggable Tokens
Long Lived Approov Tokens
IP Tracking Policy
Audience Inclusion
Issuer Inclusion
Backend Integration
Requirements
Account Secret Key Export
Account Secret Key JWK Export
Generating Example Tokens
Changing the Account Secret Key
Raw Account Secret Key
Public Key Pinning Configuration
Managing Pins
Managed Trust Roots
Pinning For New API Domains
Managing Domain Pins
Leaf Public Key Pin Extraction
Intermediate Public Key Pin Extraction
Certificate File Pin Extraction
Certificate Pins From a Device
Checking API Configuration
Testing the Pinning Implementation
Continuous Pinning Testing
Getting All API Configuration
Setting All API Configuration
Security Policies
What is a Security Policy
Device Properties
Changing Security Policy
Rejection Policies
Custom Rejection Policies
Annotation Policies
Key IDs
Managing Devices
Extracting the Device ID
Device ID Stability
Adding a Device Security Policy
Labelling a Device
Setting Pinning Mode
Listing Your Devices
Removing Devices
Removing Multiple Devices
Banning a Device
Removing a Device Ban
Getting State of a Device
Clearing All Device State
Device Filters
Filtering Purpose
Getting Specific Device Information
Analyzing New Devices
Adding a Device Filter
Analyzing Filtered Devices
Regular Expression Filtering
Conjunction Filters
Listing Device Filters
Removing a Device Filter
Rejecting Filtered Devices
Banning Filtered Devices
Marking Filtered Devices as Risky
Custom Filtered Security Policy
Observing All Fetching Devices
Analyzing Captured Streams
Token Binding
Token Binding Concept
Setting the Binding
Generating Example Token with Binding
Backend Integration Impact
Apple DeviceCheck Integration
DeviceCheck Concept
Getting the DeviceCheck Key
Setting the DeviceCheck Key
Permanent Device Banning
Removing the DeviceCheck Key
Automatic Device Banning
Apple AppAttest Integration
AppAttest Status Flags
AppAttest Environment Setting
Enabling AppAttest
Getting AppAttest Status
Controlling AppAttest Assertion Rate
Rate Limiting AppAttest Attestations
Adding Apple Fraud Lookups
Setting Maximum Fraud Risk
Google SafetyNet Integration
How the SafetyNet Integration Works
Getting a SafetyNet API Key
Setting the SafetyNet API Key
Removing the SafetyNet API Key
App Build Requirements
Signing Certificate Integrity
Adjusting the SafetyNet API Quota
Secure Strings
Enabling Secure Strings
Managing Predefined Secure Strings
Fetching Predefined Secure Strings
App Instance Secure Strings
Custom JWTs
Enabling Custom JWTs
Fetching Custom JWTs
Custom JWT Key Set Usage
Managing Key Sets
Adding a New Key
Listing Keys
Removing Keys
Getting Public Key PEM
Getting Keyset JWKS
Importing Keys
Message Signing
Enabling Message Signing
Getting the Message Signing Key
Disabling Message Signing
Generating Message Signatures in the App
Checking Message Signatures in the Backend
Android Automated Launch Detection
Metrics Graphs
Grafana
Metrics Naming
Summary Metrics
Flag Metrics
App Metrics
SDK Metrics
Policy Metric
Filter Metrics
Web Protection Metrics
Live Metrics
Billing Usage
Hourly Metrics
Daily Metrics
Monthly Metrics
SDK Metrics
Exporting Data
Service Monitoring
Summary Emails
API Monitoring
Managing Alert Email
Managing Email Recipients
Setting Summary Frequency
Emergency Contact
Healthcheck Endpoint
User Management
Best Practice
User Roles
Admin Role
Delegate Role
Pentest Role
Automation Role
Adding New User Roles
Access Expiry Reminders
Listing User Roles
Revoking User Access
Resending Onboarding Emails
Automated Approov CLI Usage
Creating an Automation Management Token
Automation Setup on Linux
Automation Setup on MacOS
Automation Setup on Windows
Retrieving an Existing Automation Management Token
Quickstart Integrations
Frontend Mobile App
Frontend Web Browser
Backend API
Trial Guide
How to Setup and Run a Successful Trial
Before You Start The Trial
Sign Up for an Approov Trial
Integrate Into Your App
Monitor Your API Traffic with Approov Metrics
Initializing the Approov CLI
Registering Apps
Adding APIs to be Protected
Integrate Into Your Backend
Deploying Blocking Protection
Test Your Platform
Advanced Features
Release Notes
Version 3.0
Version 2.9
Version 2.8
Version 2.7
Version 2.6.1
Version 2.6
Version 2.5
Version 2.4
Version 2.3
Version 2.2
Version 2.1
Version 2.0
Version 1.12
Version 1.11
Version 1.10
Version 1.9
Version 1.8
Version 1.7
Version 1.6
Version 1.5
Version 1.4
Version 1.2
Version 1.0
CLI Reference
Overview
API Command
AppAttest Command
App Signing Certificates Command
Custom JWT Command
Device Command
DeviceCheck Command
Filter Command
Init Command
Keyset Command
Monitoring Command
Metrics Command
Password Command
Pin Command
Policy Command
Registration Command
Role Command
SafetyNet Command
SDK Command
Secret Command
Secure Strings Command
Support Command
Token Commands
Users Command
Web Command
Whoami Command
Go-Live Checklist
Go Live Checklist
API Backend
1. Token Check Integration
2. Pinning Related
Mobile App
Production Release Process
For Direct SDK Integrations
Direct SDK Integration
Android SDK Integration
Getting the Android SDK
Importing the SDK into Android Studio
iOS SDK Integration
Getting the iOS SDK as an XCFramework
Importing the SDK into Xcode
Getting the iOS SDK as a Framework
SDK Initialization
Reinitializing the SDK
SDK Fetch Operations
Fetch Status Handling
Fetching Approov Tokens
Synchronous Token Fetching
Asynchronous Token Fetching
Getting an Attestation Response Code
Getting the Rejection Reasons
Public Key Pinning Implementation
Setting Pins
Reacting to Configuration Changes
Reacting to Force Apply Pins
SDK Interface Reference
Initialization
Configuration Fetching
Getting the Device ID
Pins Extraction
Pins JSON Extraction
Fetch Result
Synchronous Token Fetch
Asynchronous Token Fetch
Synchronous Secure String Fetch
Asynchronous Secure String Fetch
Synchronous Custom JWT Fetch
Asynchronous Custom JWT Fetch
Token Binding
Integrity Measurement Proof
Device Measurement Proof
Message Signing
Set User Property
Set Activity
Offline Security Mode
Use Case
Operational Flow
Backend Integration
Remote Hardware Integration
Requesting a Baseline Measurement
Persisting the Measurement Configuration
Getting a Measurement Proof
Web Protection Integration
Web Protection Integration
Web Protection Flow
Implementing the Integrated Service Flow
Enable Web Protection for an API
FingerprintJS
FingerprintJS Signup and Setup
Configure Approov with a FingerprintJS Subscription
Call Approov Web Protection with FingerprintJS
Approov
embed
token claim for FingerprintJS
Google reCAPTCHA
reCAPTCHA Signup and Setup
Configure Approov with a reCAPTCHA Site
Call Approov Web Protection with reCAPTCHA
Approov
embed
token claim for reCAPTCHA
hCaptcha
hCaptcha Signup and Setup
Configure Approov with an hCaptcha Site
Call Approov Web Protection with hCaptcha
Approov
embed
token claim for hCaptcha
Web Protection Metrics Presentation
Web Protection Service Reference
Domains
Endpoints
Using Multiple Integrated Services to Protect Your API
Web Protection Token Binding
Troubleshooting Web Protection Errors
Sitemap
© 2001-2022 CriticalBlue Ltd.
Home
>
Quickstart Integrations
>
Backend API
> Swift Vapor
Table of Contents
Swift Vapor