Guides
Talk to Us

Build Automation: CI/CD Integration

Suggest Edits

Verimatrix XTD provides features for CI/CD integration. These allow XTD protection to be integrated into any build pipeline.

On the Overview page, select Setup CI/CD for up-to-date APS (Application Protection Service) API documentation.

API Key Manager

Verimatrix provides REST APIs for integration with external systems. To use any of the integration methods, you require an API key to authenticate the integration. Create and retrieve keys in the portal under the Settings menu in the API Key Manager panel.

Access API keys and documentation from Settings at the top right of the screen:

From the Settings dropdown, select API Key Manager to view your API keys, generate new keys, or learn about how to use the keys.

For detailed instructions, select How to Use API Keys at the top right of the API Key Manager screen.

Generate New API Key

Select Generate New API Key to generate a new key.

The generated key is downloaded. Store it in a secure location.

{
"appClientId": "7m.........0s5i",
"appClientSecret": "cm1m65g.......jt",
"encodedKey": "Njd.........tbzBzNW.......0"
}

NOTE Make sure you record the owner (username - email) of the generated key, as it is also required for authentication.

CI/CD GitHub Action

If you use GitHub, Verimatrix provides a GitHub Action that can be used to run CI/CD jobs within GitHub.

App Protection CLI Tool

Verimatrix's app protection command line tool (CLI) is available through GitHub.

This script requires python be installed, and added to the environment path as shown in the example below:

export PATH=${PATH}:/Library/Frameworks/Python.framework/Versions/3.13/bin

The following script installs the dependencies required by the CLI tool:

# !/bin/sh -l

python3 -m pip install coloredlogs python3 -m pip install js2py python3 -m pip install dateutil python3 -m pip install python-dateutil --upgrade python3 -m pip install requests python3 -m pip install pyaxmlparser python3 -m pip install backoff

The command to run is:

python3 aps.py -l INFO -P -c <API_KEY_OWNER> -s <ENCODED_API_KEY_SECRET> --api-gateway-url https://aps-api.appshield.verimatrixcloud.net --access-token-url https://ssoapi-ng.platform.verimatrixcloud.net/v1/token protect --file <APP_FILE> --subscription-type XTD_PLATFORM

Where:

ParameterDescription
API_KEY_OWNERThe username (usually email) of the API key owner
ENCODED_API_KEY_SECRETThe value of the 'encodedKey' field in the API key JSON
APP_FILEThe APK, AAB, or zipped XCarchive you wish to protect

Updated about 2 months ago