Approov API Protection
Free Trial

Approov Technology Integrations

Protecting the APIs that serve your applications has never been more important. To make it easy to integrate Approov into your security environment we work closely with other security vendors in order to ensure optimal protection and ease of deployment.

We integrate and test Approov with the industry's best security vendors to help our customers protect their people, data and brand.

Browser Protection

Some mobile-first customers allow browser-based access to the same APIs which service their mobile apps. To provide a single common validation method for mobile apps and browser-based access, Approov integrates with solutions which evaluate whether a browser access is by a human or a bot. This enables a single, common authorization method for both the web and mobile API channels in order to validate legitimate access.

  • Papara

    Fingerprint JS

    Approov mobile app and mobile environment integrity checking, when combined with the highly accurate browser fingerprinting from FingerprintJS provides a very effective shield for APIs that serve both mobile apps and browsers.

  • Papara

    hCaptcha

    This integration provides a very effective shield for APIs that serve both mobile apps and browsers by combining Approov mobile app and mobile environment integrity checking with the protection from browser-based bots which is provided by hCaptcha.

  • Papara

    Google reCAPTCHA

    The integration provides a very effective shield for APIs that serve both mobile apps and browsers by combining Approov mobile app and mobile environment integrity checking with the protection from browser-based bots which is provided by Google reCAPTCHA.

Back-end Security Integration - Single control point

Approov integrates easily with any backend environment: QuickStart guides are available for 10 commonly used environments. However some customers seek to simplify security by having a single-point where security policy is enforced in front of the API. Approov supports this with integrations with back-end security platforms, adding the Approov assurance that APIs can only be accessed by genuine instances of your mobile app.

  • Papara

    Fortinet

    Approov integrates with Fortinet FortiwebTM to inject Approov mobile API threat protection into FortiwebTM WAF rules. The joint solution provides one integrated control point for APIs and web apps against bots and other malicious access, whether the threats are browser-based or from the mobile channel.

  • Papara

    Kong

    The integration of Approov with the Kong API Gateway ensures that your API can only be accessed by genuine instances of your mobile app running on an untampered device. Tampered mobile apps as well as scripts and bots can be blocked at a single control point in the Kong gateway.

  • Papara

    Cloudflare

    Approov can be implemented as a Cloudflare Worker, providing a single security control-point in front of your API server. The combined solution protects against a range of threats: Approov ensures only requests from genuine untampered instances of your mobile app get through to the API and Cloudflare can block DDoS attacks.

  • Papara

    NGINX

    The Approov integration with Nginx Plus will ensure that your API can only be accessed by genuine instances of your mobile app. Scripts and bots will be blocked. This is achieved by adding the Approov SDK to your mobile app and does not require you to change a single line of code in the API itself. Nginx Plus provides a single control point, enhanced with Approov protection.

  • Papara

    Tibco/Mashery

    The integration of Approov with the TIBCO Mashery API Gateway ensures your API can only be accessed by genuine instances of your mobile app. Tampered apps as well as scripts and bots can be blocked at a single control point in the TIBCO Mashery gateway.

Cloud Integration

Integration with cloud gateways, allows the Approov mobile app and client environment attestation check to be enforced at the gateway to ensure comprehensive and consistent security for cloud-native APIs.

  • Papara

    AWS

    The integration of Approov with the AWS API Gateway ensures your API can only be accessed by genuine instances of your mobile app. Tampered apps, scripts and bots can be blocked at a single control point at the gateway before they reach your APIs.

  • Papara

    Microsoft Azure

    The integration of Approov with the Azure API Gateway ensures your API can only be accessed by genuine instances of your mobile app. Tampered apps, scripts and bots can be blocked at a single control point in the Azure gateway before they reach your APIs.

Identity and Access Management

Approov works with any product which supports standards for authorization, authentication and identity management, such as OAuth2 and OpenIS Connect (OIC).

Learn More

Mobile Application Framework Integration

Approov provides mobile client quickstarts to allow easy integration with a full range of native Android and iOS platforms as well as popular cross-platform development environments.

Approov API Protection

Cordova

Approov API Protection

Ionic

Approov API Protection

NativeScript

Approov API Protection

React Native

Mobile Client Integrity

Apple DeviceCheck allows developers to set and track states on (anonymized) iOS devices and Google SafetyNet evaluates whether an android device has been rooted or otherwise compromised. Integration of both with Approov ensures that DeviceCheck and SafetyNet validation can be incorporated into the powerful security policy framework which is part of the Approov service. This provides granularity of control and consistency across both platforms and ensures compromised device access can always be blocked without creating false negatives.

Find out more about partnering opportunities with Approov

Register here and we will be in touch

By clicking Submit, you agree to our Terms of Service and that you have read our Privacy Policy. CriticalBlue needs the contact information you provide to us to contact you about our products and services. You may unsubscribe from these communications at anytime. For information on how to unsubscribe, as well as our privacy practices and commitment to protecting your privacy, check out our Privacy Policy.

Copyright © 2021 CriticalBlue, Ltd. All Rights Reserved.