You can upload apps (APK or IPA files) to the platform, scan apps, integrate selected policies with an app security profile, sign the apps and make them available to mobile device users. This set of API calls outlines the process. You can try out the API at

For examples, see the links for each task.

Authenticate with the platform

When you sign up for the Blue Cedar integration platform, you are assigned a username and can set a password.

  • POST /auth/token
    • Use the username you were assigned.

    • Set a password.

  • Response: Use the access_token to authorize your session with the platform. 

  • Details and examples: Authentication

Upload an app

When you upload an app, the platform scans the app to identify development stacks and frameworks used in the app that might be relevant to the integration accelerator. The scanning process must finish before the app is ready for integration. See Uploading an app for info about scanning status and results needed to pass along to the integration process.

  • POST /apps—uploads the app to the platform and triggers the scanning process.
    • fileToSave: app to store on the platform
  • Details and examples: Uploading an app

Create a profile

See Configuring app security profiles (API). (Coming soon.)

Integrate the services

Integrating the app with app security settings explicitly:

  • Use POST /injection_tasks with these values:

    • appSecurityProfileJson: Includes settings for each policy
    • organizationUuid: $ORG_UUID as set in the environment
    • taskType: harden
  • To sign on console or sign externally, you must also provide these values when integrating:

Integrating the app with an app security profile:

  • Use PUT /apps/${APP_UUID} with these values:

    • APP_UUID: App UUID created when the app was uploaded
    • appSecurityProfieUuid: The UUID for the app security profile
    • organizationUuid: $ORG_UUID as set in the environment
    • storageUrl: Path of stored app, returned as storageUrl in the uploading step 
  • To sign on console or sign externally, you must also provide these values when integrating:

Details and examples: Integrating services

Download the app