Signing profiles (API)
To code sign apps with the policy console or sign externally, use a signing profile to specify code signing parameters. The policy console validates this information. Because code signing is platform-specific, each signing profile is unique to Android or iOS.
You do not need a signing profile when you skip codesigning.
Signing parameters
Signing profiles specify the signing parameters appropriate for the platform, including the keystore (Android) and provisioning profile (iOS).
Android parameters
Include the keystore file when you create the profile with profile:
| File parameter | Description |
|---|---|
| keystore | Required for Android signing. A keystore file that includes the key for signing. |
Use these parameters in the JSON data structure when you apply a signing profile (POLICY_CODE_SIGNING) to the app with app-market/policy.
| Data parameter | Description |
|---|---|
| keystore_alias | Required. The keystore alias that identifies the key in the keystore to be used for signing. |
| keystore_pass | Required. The keystore password for the specified alias. |
iOS parameters
Include the provisioning profile file when you create the profile with profile:
| File parameter | Description |
|---|---|
| provisioningProfile | Required for iOS signing. A .mobileprovision file supplied by Apple to be embedded into a secured app. The securing process extracts iOS app entitlements from the provisioning profile. |
Use this parameter in the JSON data structure when you apply a signing profile (POLICY_CODE_SIGNING) to the app with app-market/policy.
| Data parameter | Description |
|---|---|
| signing_cert_id | Required. The iOS distribution certificate to use for signing an app. |
Signing profile API resources
To manage signing profiles:
- profile: Use type="signing" to create a signing profile. See example below.
- profile/catalog/{policytype}: Use "signing" for "{type}". GET returns an array of details for all policy profiles of the specified type.
- profile/{GUID}: Use the profile ID to specify a policy profile. GET returns details for the specified profile, PUT updates the details in the specified profile, and DELETE archives the profile.
To sign apps on the policy console with signing profiles:
- app-market/policy: Use the policy GUID to apply the policy to an app.
Creating a signing profile
This example creates an Android signing profile with the profile API, specifying all options.
Android request
curl -k -v -L -b c.txt -c c.txt -X POST http://bc.qwe.com:8080/mocana-app-control/rest/profile \
-F name="Android Signing" \
-F type="signing" \
-F desc="Android Signing Profile" \
-F data="{\"keystore_alias\":\"keyalias\",\"keystore_pass\":\"android123\"}" \
-F keystore=@qweKeystore.keystoreResponse
{"message": "",
"profiles": {
"data": {
"profile_data": "{\"keystore_alias\":\"keyalias\",\"keystore_pass\":\"android123\"}",
"profile_data_id": "568de0fa-84f2-47c4-b2d1-f945b22cf9b9",
"profile_data_stamp": "2017-06-19 15:21:01.0"
},
"profile_desc": "Android Signing Profile",
"profile_id": "e887be06-2918-4c27-b389-8397555d626d",
"profile_name": "Android Signing",
"profile_type": "signing",
"profile_url": "http://bc.qwe.com/mocana-app-control/rest/profile/e887be06-2918-4c27-b389-8397555d626d"
},
"status": "OK"
}iOS request
curl -k -v -L -b c.txt -c c.txt -X POST http://bc.qwe.com:8080/mocana-app-control/rest/profile \
-F name="iOS Signing" \
-F type="signing" \
-F desc="iOS Signing Profile" \
-F data="{\"signing_cert_id\":\"iPhone Distribution\"}" \
-F provisioningProfile=@qweDev.mobileprovisionDeleting a signing profile
This example uses DELETE profile/{GUID} to delete the Android signing profile created above.
Request
curl -b c.txt -c c.txt -X DELETE https://bc.qwe.com:8080/mocana-app-control/rest/profile/
e887be06-2918-4c27-b389-8397555d626d