Using Appdome to Validate App Signing

Signing mobile apps is complex and prone to error. Appdome provides tools to validate app signing when users sign mobile apps locally or privately on their own systems.

This Knowledge Base article provides step-by-step instructions for using Appdome to validate app signing for any signed Android and iOS mobile app.

We hope you find this knowledge base useful and enjoy using Appdome!

Using Appdome to Validate App Signing

Appdome is a mobile integration platform as a service (iPaaS) that allows users to add a wide variety of features, SDKs and APIs to Android and iOS apps. Using a simple ‘click to add’ user interface, Appdome allows anyone to easily add additional functionality to any mobile app – instantly, no code or coding required.

In order to deploy a Fused app, it must be signed.  Users have the flexibility of signing fused applications inside or outside of Appdome. We highly recommend you to use the built-in app signing functionality in Appdome. Appdome uses multiple input validation mechanisms to ensure proper signing of each mobile app. Deploying an Appdome-Fused app is only possible if it has been signed properly.

If you choose to sign and Appdome-Fused app outside of Appdome, Appdome offers an App Validation service that can quickly verify if your app was correctly signed. The service also verifies that the app wasn’t tampered with in any way that may prevent it from running on any mobile device.

Prerequisites for using Appdome’s App Validation

In order to use Appdome’s app validation you’ll need:

  • Appdome account – IDEAL or higher.
  • Signed mobile app (.ipa for iOS, or .apk or .aab for Android)

How To Validate Your Signed Mobile App On Appdome 

Follow these step-by-step instructions to validate app signing on Appdome:

  1. Login to your Appdome account
  2. Click on your user name in the top-right corner of the screen, and select App Validation.
    learn how to validate app signing
  3. Upload your signed mobile app by dragging the app file to the dropbox or by browsing your device for the app file.
    Note! You can’t validate an app unless you are authorized to change its functionality
    use appdome to validate app signing
  4. Once the your app was fully loaded, Appdome’s app validation process will start automaticallyvalidate app signing - see how easy it is
  5. When the app validation process is completed, Appdome will present the results of the validated app signing at the bottom of the screen.

Here are a few examples of apps validation results:

  • Correctly signed app:
  • Falsely signed iOS app (private signing):
  • Android app signed with incorrect keystore (private signing):validate app signing on appdome

How do I correctly sign my app?

Signing iOS app and Signing an Android app are easy using Appdome. Alternatively, you can use Private Signing, download your unsigned app and sign locally using your own signing methods.

Make sure you sign correctly as an incorrect signature can trigger Appdome’s Anti-Tampering protection.

How to validate the signing SHA-1 or SHA-256 of a Google Play App

In some cases, Google Play resigns the application. In these cases, the SHA1 or the SHA-256 can be extracted via the Google Play Console. Or Via extracting the downloaded apk from an Android phone, and uploading it to the verification tool as depicted above.

How Do I Learn More?

Check out Appdome’s platform or request a demo at any time.

If you have any questions, please send them our way at support@appdome.com or via the chat window on the Appdome platform.

Thank you!

Thanks for visiting Appdome! Our mission is to make mobile integration easy. We hope we’re living up to the mission with your project. If you don’t already have an account, you can sign up for free

Liron Dror

Have a question?

Ask an expert

DafnaMaking your security project a success!