Shared Secret is a service allows you to specify a secret that will be embedded by Appdome in each client request. This secret will be verified by the application backend server and as a result, will identify the valid fused app.
This Knowledgebase article provides step-by-step instructions for using Appdome to add “Shared Secret” to any Android and iOS mobile app.
About Appdome Shared Secret
While Appdome verifies the authenticity of the SSL certificates received from the server against a predefined set of Certificate Authority (CA) certificates with the Trusted Session feature, the Shared Secret feature validates the client app against the backend server. By specifying a unique secret that will be included in the header of every URL request made by the application, this service allows the backend server to identify the fused app and verify its validity. All traffic to the backend server without the shared secret will be blocked.
Appdome is a mobile integration platform as a service (iPaaS) that allows users to add a wide variety of features, SDKs, and APIs to Android and iOS apps. Using Appdome’s simple ‘click to integrate’ user interface, the Appdome platform enables anyone (developers or non-developers) to easily add shared secret to any iOS or Android app – instantly, without source code or development.
Using Appdome, there is no development or coding required. For example, there is no Appdome SDK, libraries, or plug-ins to implement. Users merely upload mobile apps, select the shared secret service and click “Build My App.” The Appdome technology adds shared secret and more to the app automatically, with no manual development work at all.
Prerequisites for Using Appdome Shared Secret
In order to use Appdome’s no code implementation of the shared secret, you’ll need:
- Appdome account – IDEAL or Higher.
- The desired secret text
- Signing Credentials (e.g., signing certificates and provisioning profile)
- Pre-configured backend server to only allow client requests with this specific shared secret. For example, iRule in F5 Silverline server.
How to Add Shared Secret in Any Mobile App on Appdome
Upload a Mobile App to Your Account
Please follow these steps to add a mobile app to your Appdome account.
If you don’t have an Appdome account, click here to create an account.
Select the Build Tab. Beneath the Build Tab, select Security.
Expand the sub-category Secure Communication
- Enable or toggle “ON” Shared Secret
- Enter a unique text that comprises your secret
- (Optional) specify a name for the signature header (e.g. X-MYCOMPANY-SIGNATURE).
- (optional) to encrypt the Shared Secret – Expand the sub-category TOTALData™ Encryption under the Build tab and enable “Data at Rest Encryption”
- Click Build My App
The technology behind Add Context to My App has two major elements – (1) a microservice architecture filled with 1000s of code sets needed for mobile integrations, and (2) an adaptive code generation engine that can recognize the development environment, frameworks and methods in each app and match the app to the relevant code-sets needed to customize your mobile app in seconds. For example, adding a shared secret in every URL made by the application.
Congratulations! When Appdome completes your requested integration, you’ll see the notice below. You now have a mobile app fully integrated with a shared secret
After Adding Shared Secret to a Mobile App on Appdome
After you have added a shared secret to any Mobile App on Appdome, there are a few additional steps needed to complete your mobile integration project. Read this Knowledge Base article to learn what to do after you successfully build an app. It explains both optional steps and required steps.
That’s it – Enjoy Appdome User Agent in your app!
How Do I Learn More?
To learn more about how you can add security to any mobile app, visit the Appdome Mobile Security on our website.
You can request a demo at any time.
If you have any questions, please send them our way at email@example.com or via the chat window on the Appdome platform.