Create Application Resource
List Applications
Upload Application
View Application
Create Application Resource
Using POST /app/, you can create an application resource that does not have a binary associated with it. To run an assessment you must upload a binary with the same package name and platform, see the Upload Application section for further details.
POSThttps://lab-api.nowsecure.com/app/
curl -H "Authorization: Bearer ${API_TOKEN}" -X POST https://lab-api.nowsecure.com/app/ -d '{"platform": "android", "package": "com.example.app", "group": "363df3a1-0e8b-4960-bb6e-cc09aced37a1"}'
HTTP/1.1 200 OK
{
"platform": "android",
"package": "com.example.app",
"group": "363df3a1-0e8b-4960-bb6e-cc09aced37a1",
"created": "2016-04-08T19:06:00.257Z"
}
Header
Field | Type | Description |
Authorization |
String | Send header with value Bearer: ${API_TOKEN} to authenticate |
Body
Field | Type | Description |
platform |
String | The platform associated with application Allowed values: "ios" , "android"
|
package | String | The package identifier of application |
group | String | The uuid group ref to associate application with (only optional if user belongs to exactly one group) |
List Applications
You can list all of the applications associated with an account using GET /app/.
GEThttps://lab-api.nowsecure.com/app/
curl -H "Authorization: Bearer ${API_TOKEN}" -X GET https://lab-api.nowsecure.com/app/
ns-cli app list --group-ref 312d2c93-1531-41be-b4f3-755799423393 --json
[
{
"ref": "7f0ab7a2-2068-11ec-a8e7-af699493e3e8",
"platformType": "android",
"group": {
"ref": "376124c4-824b-485e-82d9-632e1754a53f",
"name": "Demos"
},
"packageKey": "net.aljazeera.english",
"title": "AJ English",
"iconURL": "https://api.nowsecure.com/icon/50c72649490f517f988d94d53486a917af6883cdf431fba1d5b606f433340df3",
"createdAt": "2021-09-28T14:29:32.173549Z",
"archivedAt": null
},
{
"ref": "f8fdada8-26c1-11ec-bfb0-9f806683e0c3",
"platformType": "ios",
"group": {
"ref": "376124c4-824b-485e-82d9-632e1754a53f",
"name": "Demos"
},
"packageKey": "com.nowsecure.rvia",
"title": "RVIA",
"iconURL": "https://api.nowsecure.com/icon/7e370e68ceeeb899aa39e3aaa3151c1555af7d05c36679497d80a4e750eda887",
"createdAt": "2021-10-06T16:25:08.955524Z",
"archivedAt": null
},
{
"ref": "d087e974-3738-11ec-b709-e73c87197b74",
"platformType": "ios",
"group": {
"ref": "376124c4-824b-485e-82d9-632e1754a53f",
"name": "Demos"
},
"packageKey": "com.westernunion.mtapp",
"title": "WesternUnion",
"iconURL": "https://api.nowsecure.com/icon/2ae725dc422d0752ee60143f53d8982a5ddcd81a4e5736909432a1b2017f9d5d",
"createdAt": "2021-10-27T15:16:09.790133Z",
"archivedAt": null
},
curl -H "Authorization: Bearer $API_TOKEN" 'https://lab-api.nowsecure.com/app/' | jq '.[] | select(.group == "312d2c93-1531-41be-b4f3-755799423393")'
{
"ref": "ddffb656-b459-11ec-8971-030fcf3c415c",
"group": "376124c4-824b-485e-82d9-632e1754a53f",
"account": "376124c4-824b-485e-82d9-632e1754a53f",
"platform": "android",
"package": "co.babypenguin.androidlive",
"created": "2022-04-04T20:57:41.125Z",
"title": "imo live",
"binary": "fa4ec877493538c03146e05706004308bb0f74e28c0aa63ac3869aa51d84dad1",
"config_level": "baseline",
"config": {},
"appstore_application_key": "co.babypenguin.androidlive"
}
{
"ref": "bb95025c-7d3a-11ec-a8e7-f7f2c8076362",
"group": "376124c4-824b-485e-82d9-632e1754a53f",
"account": "376124c4-824b-485e-82d9-632e1754a53f",
"platform": "android",
"package": "com.apartments.mobile.android",
"created": "2022-01-24T17:26:15.031Z",
"title": "Apartments",
"binary": "4d037d7042ae4669e4c3dc5a433be87cfae34339431bca0422bc5f3fb44c40da",
"config_level": "baseline",
"config": {},
"appstore_application_key": "com.apartments.mobile.android"
}
Header
Field | Type | Description |
Authorization |
String | Send header with value Bearer: ${API_TOKEN} to authenticate |
Upload Application
Use POST /build/, with a request body of the app binary, to trigger an assessment. This will create a new application record if one does not already exist in specified group. If application record does it exist, this will use any previously specified configuration options. If it is the first time an application has been uploaded, the assessment will start with the default configuration options.
POSThttps://lab-api.nowsecure.com/build/
curl -H “Authorization: Bearer $TOKEN” -X POST “https://lab-api.nowsecure.com/build/?group=$GROUPREF” --http1.1 --data-binary @$APPNAME.apk
> Content-Length: 809562
> Content-Type: application/x-www-form-urlencoded
> Expect: 100-continue
>
< HTTP/1.1 100 Continue
We are completely uploaded and fine
< HTTP/1.1 201 Created
< X-Served-By: 81faea87c926
< X-Request-ID: 6d77d2d8-534b-4704-85fe-5738ae5d3ac1
< Content-Type: application/json
< Access-Control-Allow-Origin:
< Access-Control-Allow-Headers: Accept, Accept-Encoding, Accept-Language, Authorization, Cache-Control, Connection, Content-Type, Digest, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, Origin, Range, Referer, User-Agent
< Date: Fri, 03 Feb 2017 20:31:59 GMT
< Connection: close
< Content-Length: 12200
<
Header
Field | Type | Description |
Authorization |
String | Send header with value Bearer: ${API_TOKEN} to authenticate |
Query
Field | Type | Description |
group |
String | The application group to use for the assessment (only optional if user belongs to exactly one group) |
View Application
Using the GET /app/{platform}/{package} endpoint will allow the user to view a specific application package.
GEThttps://lab-api.nowsecure.com/app/:platform/:package
curl -H "Authorization: Bearer ${API_TOKEN}" -X GET https://lab-api.nowsecure.com/app/android/com.sample.android.testdpc?group=838929c6-73c8-11e8-a19d-27d57188d0f9
Header
Field | Type | Description |
Authorization |
String | Send header with value Bearer: ${API_TOKEN} to authenticate |
Route
Field | Type | Description |
platform |
String | The platform associated with application. Allowed values: "ios ", "android " |
package | String | The package identifier of application |
Query
Field | Type | Description |
group |
String | The uuid group ref of application (only optional if user belongs to exactly one group) |
Comments
Article is closed for comments.