To upload an app to the integration platform, use POST /apps:

  • fileToSave: app to be stored on the platform

    When supplying an app in a cURL command, specify the contents of the file with @:

    -F "fileToSave=@Archive.ipa;type="
    -F "fileToSave=@MyApp.apk;type=application/vnd.android.package-archive"

Request: Upload an iOS app

curl -X POST "https://platform-api.bluecedar.com/v1/apps" \
     -H "accept: application/json" \
     -H "X-Organization-UUID: 08cfc9b9-1848-4da0-a271-0eaa4c8b1af3" \
     -H "Content-Type: multipart/form-data" \
     -F "fileToSave=@Archive.ipa;type="
BASH


Request: Upload an Android app

curl -X POST "https://platform-api.bluecedar.com/v1/apps" \
     -H "accept: application/json" \
     -H "X-Organization-UUID: 08cfc9b9-1848-4da0-a271-0eaa4c8b1af3" \
     -H "Content-Type: multipart/form-data" \
     -F "fileToSave=@MyApp.apk;type=application/vnd.android.package-archive"
BASH


The response JSON includes information about the app. 

Response: uploaded but not scanned

{
  "organizationUuid": "08cfc9b9-1848-4da0-a271-0eaa4c8b1af3",
  "appUuid": "bbc21678-76e4-4e09-be03-0e8e6b72e88e",
  "appSecurityProfileUuid": null,
  "codeSigningUuid": null,
  "codeSigningType": null,
  "appSecurityVersionCode": null,
  "storageUrl": "Archive+ipa/application+octet+stream/346c1d3e-6db4-4741-b14c-d9a6cd1d5ffe",
  "uniqueName": null,
  "latestVersion": null,
  "appOsType": null,
  "appName": null,
  "appId": null,
  "appVersion": null,
  "appInternalVersion": null,
  "appIconStorageUrl": null,
  "scanStatus": null,
  "isBlueCedarApp": false,
  "audit": {
    "createdDate": "2018-10-18T03:15:18.000057",
    "createdBy": "6ded1e0c-e152-466e-bd4a-1a2240625990",
    "modifiedDate": "2018-10-18T03:15:18.000057",
    "modifiedBy": "6ded1e0c-e152-466e-bd4a-1a2240625990"
  }
}
BASH

The platform uploads the app, returning the above response, and then scans it. After uploading, note that some details are unknown (null). The scanning process extracts all the information the platform needs for integration. The app is not ready to integrate until the scanning process is complete.

To see if a scan is in progress:

Request: Check in progress scan status

curl -X GET "https://platform-api.bluecedar.com/v1/injection_tasks?overallStatus=initial&appUuid=$APP_UUID'"
BASH

The response JSON from the scanning process includes more information about the app.

Response: successful scan

{
  "organizationUuid": "d7b3cf3a-b572-4139-899d-6c51069b38be",
  "appUuid": "9b381cd7-cef2-4bc2-955e-0d21218b0df8",
  "appSecurityProfileUuid": null,
  "codeSigningUuid": null,
  "codeSigningType": null,
  "appSecurityVersionCode": 3,
  "storageUrl": "Compass+apk/application+vnd+android+package+archive/8e4d085f-2ddf-433f-8783-cbd22f9ee3b3",
  "uniqueName": null,
  "latestVersion": null,
  "appOsType": "Android",
  "appName": "Compass",
  "appId": "com.mocana.keybrowser",
  "appVersion": "3.21.1-37bda7",
  "appInternalVersion": "3021001",
  "appIconStorageUrl": "https://api.dev.bluecedar.com/v1/storage/icon+png/image+png/cc5ed963-8ae3-47a2-b263-2b622fe2a835",
  "scanStatus": "completed",
  "scanResults": {
    "predictivePolicyResults": {
      "sqlcipher": {
        "result": "NotFound"
      },
      "realm": {
        "result": "NotFound"
      },
      "integrity": {
        "result": "NotFound"
      },
      "wkwebview": {
        "result": "NotFound"
      }
    }
  },
  "isBlueCedarApp": true,
  "audit": {
    "createdDate": "2019-03-05T05:42:56.000134",
    "createdBy": "fe468e31-a200-42ad-a9f2-0903fdefe06c",
    "modifiedDate": "2019-03-05T16:27:27.000940",
    "modifiedBy": "fe468e31-a200-42ad-a9f2-0903fdefe06c"
  }
}
JS

If you compare the upload response and the scan response, you'll see that keys like appName, appOsType, and appId are no longer null.

There is also a new object, scanResults, that is used during Integrating services.