Skip to main content
Skip table of contents

Code signing (API)

Step three: Code signing

To code-sign apps with the policy console, specify the method for code signing and use a signing profile to specify the app-signing parameters. Unlike a policy profile, which is a collection of settings that can be applied with a policy to inject an app with security, a signing profile is a collection of code signing parameters. However, you manage the profiles with the same API methods.

Because code signing is platform-specific, each signing profile is unique to Android or iOS.

You can choose to let your policy console sign your app when securing it, or you can sign on your own. Use POST app-market/policy to specify the signing type for an app and the signing_profile_id (when using signing type SIGN_ON_CONSOLE or SIGN_EXTERNALLY; no signing profile is necessary if the signing type is SKIP_CODESIGN). 

Signing methodAdditional filesSigning profileDownload/export
SIGN_ON_CONSOLE: Let the policy console sign the app.


Android: keystore

iOS: provisioning profile.

RequiredAn apk or ipa file, secured and signed.
SIGN_EXTERNALLY: Export the app (and signing settings) for code signing externally.


Android: keystore

iOS: provisioning profile.

RequiredA zip file containing the secured apk or ipa file, validated signing information, and a signing script.

Sign the app yourself (instead of having the policy console sign the app).

When securing an app with policy options that require specific entitlements, such as grouped apps in the Data Sharing policy, consider using Sign Externally instead. Such policy options cannot be validated with Skip Code Signing.


An apk or ipa file, secured and unsigned.

See Signing profiles (API) for examples of creating Android and iOS signing profiles with POST profile.

To set the default signing type for apps on the specified platform (iOS or Android), use settings/signing-type/{platform}. Otherwise, apply the signing method and signing profile (if required) and secure the app with POST app-market/policy at the same time. See Securing an app (API) for examples.

Securing an app involves these steps:

Uploading an app (API)

Creating profiles for the policies you want to apply (Defining security policies (API))

Choosing a code signing type and signing profile 

Securing the app with those policies and profiles, optionally code signing in the policy console (Securing an app (API))

Downloading or exporting the app, optionally code signing outside the console (Downloading and exporting apps (API))

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.