Appdome.comAppdome Platform
Guides

Building an App

Suggest Edits

This topic provides a detailed explanation of the process of building an app on the Appdome platform with your selected defenses.

For the Appdome Python library example refer to the snippet at the bottom.

Important

If you have not yet created a fusion set, this can only be done only via the platform. As this is the last time you are going to need to visit the platform UI, you are strongly advised to perform this process before running the API calls.

Caveats

  • Remember to visit the platform to obtain your API key and fusion_set_id parameters. If you are working with a team you also need to get the team_id . For details, see Getting started section.

This process consists of two steps that should be performed in the following order:

  • POST request to Appdome to send the app_id obtained the upload process, fusion_set_id obtained from the platform, action parameter with a value of build, and optionally overrides json object detailed at the Build an app API reference page.
  • GET request to check the task status should be polled operation and wait until the request status is success before proceeding to the next action.

The process

Note that the scripts uses some variables such as API_KEY, FUSION_SET_ID, BUILD_OVERRIDES, TEAM_ID. Ensure that you update these variables accordingly.

  1. Obtain the task ID and assign it to the task_id variable for later use.
BUILD_OVERRIDES='{"user_agent":"...","user_agent_value":"..."}'

task_id=$(
    curl -s --request POST \
      --url "https://fusion.appdome.com/api/v1/tasks" \
      --header "Authorization: $API_KEY" \
      --header 'accept: application/json' \
      --header 'content-type: multipart/form-data' \
      --form action=fuse \
      --form fusion_set_id="$FUSION_SET_ID" \
      --form app_id="$(echo "$app" | jq -r .id)" \
      --form overrides="$BUILD_OVERRIDES" |
      jq -r .task_id
  )
  1. Declare a function that will perform the polling operation and notify when the task status is completed.
    Note that the task may fail with a status of error and a message property that indicates the issue for which the task failed. This message can help you resolve the issue before building again.
statusWaiter() {
  task_id=$1
  team_id=$2
  status="progress"
  while [[ $status == "progress" ]]; do
    status=$(curl -s --request GET \
      --url "https://fusion.appdome.com/api/v1/tasks/$task_id/status?team_id=$team_id" \
      --header 'Content-Type: application/json' \
      --header "Authorization: $API_KEY" |
      jq -r '.status')
    sleep 0.5
  done
}

statusWaiter "$task_id" "$TEAM_ID"

At this point, if the status inside statusWaiter is completed, this means you have successfully built an app with your fusion set.

From here, you may proceed to add context (optional) or sign an app.

Appdome python library example

python3 build.py --app_id <app_id_value> --fusion_set_id <fusion_set_id_value> --build_overrides <overrides_json_file>

Updated almost 2 years ago

What’s Next