Step one: Uploading an app

To upload an app to the policy console, use one of the following REST API calls:

Example

This example uses POST app-market/upload-no-replace to upload an IPA without automatically replacing an existing app:

Request

curl -v -L -b c.txt -c c.txt -X \
 POST https://bc.qwe.com/mocana-app-control/rest/app-market/upload-no-replace \
 --data-binary @BCTest.ipa
BASH

Because this was the first time the app was uploaded, the upload finishes. The call returns with details for the app you just uploaded, and confirmation_needed returns false.

Response

{
  "message": "",
  "status": "OK",
  "upload_info": {
    "app_new": {
      "apk_url": "https://bc.qwe.com:443/mocana-app-control/rest/app-market/d8bd9013-b941-4ccd-9a2d-f6d02a63360d/apk",
      "app_id": "d8bd9013-b941-4ccd-9a2d-f6d02a63360d",
      "app_policies": [],
      "icon_url": "https://bc.qwe.com:443/mocana-app-control/rest/app-market/d8bd9013-b941-4ccd-9a2d-f6d02a63360d/icon",
      "info_url": "https://bc.qwe.com:443/mocana-app-control/rest/app-market/d8bd9013-b941-4ccd-9a2d-f6d02a63360d",
      "name": "BCTest",
      "package_name": "com.qwe.BCTest",
      "package_size": "117782",
      "platform": "PLATFORM_IOS",
      "plist_url": "https://bc.qwe.com:443/mocana-app-control/rest/web-catalog/d8bd9013-b941-4ccd-9a2d-f6d02a63360d.plist"
    },
    "confirmation_needed": false
  }
JS

To see what happens when you upload an app that is already in the system, upload this app again:

Request

curl -v -L -b c.txt -c c.txt -X \
POST https://bc.qwe.com/mocana-app-control/rest/app-market/upload-no-replace \
--data-binary @BCTest.ipa
BASH

This time, you see details for both the app that you uploaded before (app_current) and the app you’re uploading now (app_new). In the app_new array, identical_installer is true—you uploaded the exact same app.

This time, confirmation_needed returns true.

Response

{
"message": "",
  "status": "OK",
  "upload_info": {
    "app_current": {
      "apk_url": "https://bc.qwe.com:443/mocana-app-control/rest/app-market/d8bd9013-b941-4ccd-9a2d-f6d02a63360d/apk",
      "app_id": "d8bd9013-b941-4ccd-9a2d-f6d02a63360d",
      "app_policies": [],
      "icon_url": "https://bc.qwe.com:443/mocana-app-control/rest/app-market/d8bd9013-b941-4ccd-9a2d-f6d02a63360d/icon",
      "info_url": "https://bc.qwe.com:443/mocana-app-control/rest/app-market/d8bd9013-b941-4ccd-9a2d-f6d02a63360d",
      "name": "BCTest",
      "package_name": "com.qwe.BCTest",
      "package_size": "117782",
      "platform": "PLATFORM_IOS",
      "plist_url": "https://bc.qwe.com:443/mocana-app-control/rest/web-catalog/d8bd9013-b941-4ccd-9a2d-f6d02a63360d.plist"
    },
    "app_new": {
      "commit_url": "httsp://bc.qwe.com:443/mocana-app-control/rest/app-market/upload-commit/com.qwe.BCTest/PLATFORM_IOS/b62f5bfc-e418-4af7-85fb-212abb593857",
      "identical_installer": true,
      "name": "BCTest",
      "package_name": "com.qwe.BCTest"
    },
    "confirmation_needed": true
  }
JS

When confirmation_needed is true, you can take one of these actions:

  • Do nothing and keep the previously uploaded version in the system.

To replace the old version with the new one, POST to the URL returned by commit_url.

Request

curl -v -L -b c.txt -c c.txt -X POST https://bc.qwe.com:443/mocana-app-control/rest/app-market/upload-commit/com.qwe.BCTest/PLATFORM_IOS/b62f5bfc-e418-4af7-85fb-212abb593857
BASH

Response

{
  "message": "",
  "status": "OK",
  "upload_info": {
    "app_id": "d8bd9013-b941-4ccd-9a2d-f6d02a63360d",
    "app_isnew": false,
    "icon_url": "https://bc.qwe.com:443/mocana-app-control/rest/files/ec074f51-e413-4775-94af-dffd405d6345",
    "name": "BCTest",
    "package_name": "com.qwe.BCTest"
  }
JS

Securing an app involves these steps:

Uploading an app

Creating profiles for the policies you want to apply (Defining security policies (API))

Choosing a code signing type and signing profile (Code signing (API))

Securing the app with those policies and profiles, optionally code signing in the policy console (Securing an app (API))

Downloading or exporting the app, optionally code signing outside the console (Downloading and exporting apps (API))