How Appdome SiteTrust Prevents Unauthorized Access to Your PWA
Appdome SiteTrust is a Secure PWA feature that protects non-public resources by restricting access/navigation to the home domain only, preventing unauthorized access to the mobile app’s backend and sensitive systems. When enabled, your SecurePWA app will only be able to access trusted domains and sites.
About Appdome SecurePWA
Appdome SecurePWA is a no-code mobile development tool that enables anyone to build secure Android and iOS progressive web apps (PWAs) that run as native or cross-platform Android and iOS apps on any mobile device – instantly, with no code or coding. The only requirement needed to create a Secure PWA is the URL of any existing website, web app, or cloud app. Developers or non-developers use Appdome’s simple ‘click to create’ user interface to build a progressive web application from any responsive website and add a wide variety of mobile security, SDKs, and APIs to their newly created Android and iOS apps in minutes – also with no code or coding.
The end result is a brand-new iOS, Android, or cross-platform app built entirely from scratch in seconds. Once the new app is created, customers instantly secure the app by selecting their choice of Appdome Mobile App Security features to build in the required security model directly into the app – all within the same no-code workflow.
Appdome offers SecurePWA as part of Appdome-DEV. SecurePWA dramatically accelerates enterprise mobile strategies. Organizations build genuine mobile apps from websites in minutes and offer users easy and persistent mobile app access to digital resources, offline use, and more, all with the confidence of the enterprise security model chosen by the organization.
- Protects non-public resources by restricting access/navigation to the home domain only.
- When enabled, the app will only be able to access trusted domains and sites.
- To enable access to protected resources, see the AUTHENTICATION section for advanced authentication services.
Prerequisites for Using Appdome’s SecurePWA
- Appdome account
- Appdome-DEV access
- A website address that is accessible from a mobile browser
- Signing Credentials (e.g., signing certificates and provisioning profile)
How to Convert Any Website Into a Secure Progressive Web App (PWA)
Follow these step-by-step instructions to convert any website into a PWA.
- Navigate to the Add App tab
- Select Create SecurePWA™
- Enter the website address (please validate that the website address is correct and reachable).
- Choose your App Name
- Choose the App platform: iOS, Android or both
- For the iOS platform – upload the Provisioning Profile.
- (optional) Add an icon (if you want to replace the default generated icon)
- (optional) Favicon Settings: add a favicon and adjust its size and position
- (optional) Dev settings – configure the app version and version code
- SiteTrust – (included by default) protects non-public resources by restricting access/navigation to the home domain only.
Congratulations! You now have converted your website to a progressive web app. You can find your PWA in your Appdome account (left navigation menu) with all the other app binaries that you’ve previously added to your account.
After Building Your PWA
After you have converted your website to a PWA, you need to move your PWA through the Appdome workflow. Just like with any other app that you build and secure using Appdome, click on the newly created PWA in your account, then select the services and security features you wish to implement in your PWA. Then click Build My App.
The minimum set of services required to secure your PWA is ONEShield by Appdome. (Appdome’s no-code App shielding/hardening solution). ONEShield prevents tampering, malicious reverse engineering, debugging and any other unauthorized changes to your new PWA. After building ONEShield into your app, you will now have a Secure PWA.
After you finish building your SecurePWA on Appdome, there are a few additional steps needed to complete your project, including signing your app.
Check out this KB on Completing My Appdome Project – final steps
- How to Open Non App URLs In Native Browser With Secure PWA
- How To Use Open-in to Launch a Mobile App From Your Secure PWA
- How to Make a Secure PWA Open Target URLs In Native Browser
Thanks for visiting Appdome! Our mission is to secure every app on the planet by making mobile app security easy. We hope we’re living up to the mission with your project.
If you have any questions, please send them our way at support.appdome.com or via the chat window on the Appdome platform