(Latest: v3.4)
v3.3 v3.2 v3.1 v3.0 v2.9 v2.8 v2.7 v2.6
  • CLI Installation
    • Requirements
    • Initializing the Approov CLI
    • Installation on Linux
    • Installation on MacOS
    • Installation on Windows
    • Installation using Brew
  • Reference Guide
    • Getting Started With Approov
      • Exploring Other Approov Features
      • Account Access Roles
      • Passwords
      • Installing on Another Machine
      • Account Access Recovery
    • Approov Architecture
      • Key Components
      • Backend Integration Options
      • Detection Capabilities
      • Dynamic Pinning
      • Security Rules Updates
      • Cloud Server Redundancy
    • Frontend App Integration
      • Android Specific
      • iOS Specific
      • Getting the Initial SDK Configuration
      • Getting the Extended SDK Configuration
      • Handling Multiple Accounts
      • Approov Fetch Status
      • Fetch Latency
      • Attestation Response Code
      • Decoding an Attestation Response Code
      • Rejection Reasons
    • Managing API Domains
      • Overview
      • Adding API Domains
      • Keyset Key API Addition
      • Adding No Approov Token Domains
      • Listing API Domains
      • Removing API Domains
      • Setting Wildcard Mode
      • Adding Demonstration Shapes API
    • Managing App Signing Certificates
      • Android App Signing Certificates
      • Adding Android App Signing Certificates From App
      • Adding Huawei App Signing Certificates From Portal
      • Adding Apple App Signing Certificates From Portal
      • Adding Apple App Signing Certificates From App
      • Showing App Signing Certificates
      • Removing App Signing Certificates
      • Auto Registration
      • Forcing Failure of Specific App Versions
      • Development App Signing Certificates
      • App Signing Certificate Labels
      • Using a Development Key
    • Managing Registrations
      • iOS IPA Extraction
      • Registering an App
      • Android Registration Considerations
      • iOS Registration Considerations
      • watchOS Registration Considerations
      • Temporary Registrations
      • Updating Registration Expiry
      • Unversioned Registrations
      • Listing Registrations
      • Removing Registrations
      • Removing Multiple Registrations
      • Annotating a Registration
      • Special Library Registration
      • Registration From Device
      • Registration Cloning
    • Approov Tokens
      • Token Format
      • JWS Token Signing
      • JWE Token Encryption
      • Token Lifespan
      • Token Claims
      • Obtaining Additional Token Information
      • Reporting Token Misuse
      • Checking Token Validity
      • Loggable Tokens
      • Long Lived Approov Tokens
      • IP Tracking Policy
      • Audience Inclusion
      • Issuer Inclusion
      • IssuedAt Inclusion
      • Subject Inclusion
    • Backend Integration
      • Requirements
      • Account Secret Key Export
      • Account Secret Key JWK Export
      • Generating Example Tokens
      • Changing the Account Secret Key
      • Raw Account Secret Key
    • Managing Dynamic Pinning
      • Managed Trust Roots
      • Controlling Managed Trust Roots
      • Adding a Leaf Pin
      • Adding a Leaf Pin with a Port
      • Listing the Pins
      • Adding an Explicit Pin
      • Removing an Explicit Pin
      • Intermediate Public Key Pin Extraction
      • Certificate File Pin Extraction
      • Certificate Pins From a Device
      • Checking API Configuration
      • Testing the Pinning Implementation
      • Continuous Pinning Testing
      • Getting All API Configuration
      • Setting All API Configuration
    • Security Policies
      • What is a Security Policy
      • Device Properties
      • Changing Security Policy
      • Rejection Policies
      • Custom Rejection Policies
      • Custom Option Policies
      • Annotation Policies
      • Custom Annotation Policies
      • Key IDs
    • Managing Devices
      • Extracting the Device ID
      • Device ID Stability
      • Forcing a Device ID to Pass
      • Forcing a Device ID to Fail
      • Adding a Device Security Policy
      • Labelling a Device
      • Setting Pinning Mode
      • Listing Your Devices
      • Removing Devices
      • Removing Multiple Devices
      • Clearing All Device State
    • Device Filters
      • Filtering Purpose
      • Getting Specific Device Information
      • Specific Device Information
      • Analyzing New App Installs
      • Adding a Device Filter
      • Analyzing Filtered Devices
      • Regular Expression Filtering
      • Conjunction Filters
      • Listing Device Filters
      • Removing a Device Filter
      • Rejecting Filtered Devices
      • Banning Filtered App Installs
      • Marking Filtered Devices as Risky
      • Custom Filtered Security Policy
      • Observing All Fetching Devices
      • Analyzing Captured Streams
    • Token Binding
      • Token Binding Concept
      • Setting the Binding
      • Generating Example Token with Binding
    • Application Installation Attributes
      • Setting Installation Attributes
      • Adding a New Installation Key
      • Listing Installation Keys
      • Removing Installation Keys
      • Getting Private Installation Key PEM
      • Getting Installation Keys JWKS
      • Importing Installation Keys
      • Generating Example Installation Attributes Tokens
      • Verifying Installation Attributes Tokens
    • Apple DeviceCheck Integration
      • DeviceCheck Concept
      • Getting the DeviceCheck Key
      • Setting the DeviceCheck Key
      • Reading the Device State
      • Banning Based on Device State
      • Updating the Device State
      • Removing the DeviceCheck Key
    • Apple AppAttest Integration
      • AppAttest Status Flags
      • AppAttest Environment Setting
      • Enabling AppAttest
      • Getting AppAttest Status
      • Controlling AppAttest Assertion Rate
      • Rate Limiting AppAttest Attestations
      • Adding Apple Fraud Lookups
      • Setting Maximum Fraud Risk
    • Google Play Integrity Integration
      • Play Integrity Status Flags
      • Play Integrity Build Requirements
      • Create Google Cloud Project
      • Enable Play Integrity Responses
      • Creating a Service Account
      • Enabling Play Integrity Using a Service Account Key
      • Setting Google Cloud Project Number
      • Obtaining Play Integrity State
      • Disabling Play Integrity
      • Setting App Integrity Requirement
      • Setting App Certificate Integrity
      • Setting Device Integrity Requirement
      • Setting App Licensing Requirement
      • Rate Limiting Play Integrity Attestations
      • Controlling Play Integrity Attestation Renewals
    • Secure Strings
      • Enabling Secure Strings
      • Managing Predefined Secure Strings
      • Fetching Predefined Secure Strings
      • App Instance Secure Strings
    • Custom JWTs
      • Enabling Custom JWTs
      • Fetching Custom JWTs
      • Custom JWT Key Set Usage
    • Managing Key Sets
      • Adding a New Key
      • Listing Keys
      • Removing Keys
      • Getting Public Key PEM
      • Getting Keyset JWKS
      • Using JWKS URI Endpoint
      • Importing Keys
    • Installation Message Signing
      • Key Attestation
      • Enabling Installation Message Signing
      • Implementing Installation Message Signing
    • Account Message Signing
      • Enabling Account Message Signing
      • Getting the Account Message Signing Key
      • Disabling Account Message Signing
      • Implementing Account Message Signing
    • Android Automated Launch Detection
    • Metrics Graphs
      • Grafana
      • Metrics Naming
      • Grafana Dasards
      • Exporting Data
    • Service Monitoring
      • Summary Emails
      • API Monitoring
      • Managing Alert Email
      • Managing Email Recipients
      • Sending Test Email
      • Setting Summary Frequency
      • Emergency Contact
      • Healthcheck Endpoint
    • User Management
      • Best Practice
      • User Roles
      • Adding New User Roles
      • Access Expiry Reminders
      • Listing User Roles
      • Revoking User Access
      • Resending Onboarding Emails
    • Automated Approov CLI Usage
      • Creating an Automation Management Token
      • Automation Setup on Linux
      • Automation Setup on MacOS
      • Automation Setup on Windows
      • Retrieving an Existing Automation Management Token
    • Enabled Features and Limits
  • Trial Guide
    • Before You Start The Trial
    • Sign Up for an Approov Trial
    • Integrate Into Your App
    • Monitor Your API Traffic with Approov Metrics
    • Initializing the Approov CLI
    • Adding App Signing Certificates
    • Adding APIs to be Protected
    • Integrate Into Your Backend
    • Deploying Blocking Protection
    • Test Your Platform
    • Advanced Features
  • Release Notes
    • Version 3.4
    • Version 3.3
    • Version 3.2.1
    • Version 3.2
    • Version 3.1
    • Version 3.0
    • Version 2.9
    • Version 2.8
    • Version 2.7
    • Version 2.6.1
    • Version 2.6
    • Version 2.5
    • Version 2.4
    • Version 2.3
    • Version 2.2
    • Version 2.1
    • Version 2.0
    • Version 1.12
    • Version 1.11
    • Version 1.10
    • Version 1.9
    • Version 1.8
    • Version 1.7
    • Version 1.6
    • Version 1.5
    • Version 1.4
    • Version 1.2
    • Version 1.0
  • CLI Reference
    • Overview
    • Account Command
    • API Command
    • AppAttest Command
    • App Signing Certificates Command
    • Custom JWT Command
    • Device Command
    • DeviceCheck Command
    • Filter Command
    • ForceFail Command
    • ForcePass Command
    • Init Command
    • Installation Attributes Command
    • Keyset Command
    • Monitoring Command
    • Metrics Command
    • Password Command
    • Pin Command
    • Play Integrity Command
    • Policy Command
    • Registration Command
    • Role Command
    • SDK Command
    • Secret Command
    • Secure Strings Command
    • Support Command
    • Token Commands
    • Users Command
    • Web Command
    • Whoami Command
  • Go-Live Checklist
    • API Backend
      • 1. Token Check Integration
      • 2. Explicit Pinning Related
    • Mobile App
      • Production Release Process
      • For Direct SDK Integrations
  • Direct SDK Integration
    • Android SDK Integration
      • Getting the Android SDK
      • Importing the SDK into Android Studio
    • iOS SDK Integration
      • Getting the iOS SDK as an XCFramework
      • Importing the SDK into Xcode
      • Getting the iOS SDK as a Framework
    • SDK Initialization
    • SDK Initialization Options
      • Reinitializing the SDK
      • Reinitializing with a Specific Device ID
    • SDK Fetch Operations
      • Fetch Status Handling
    • Fetching Approov Tokens
      • Synchronous Token Fetching
      • Asynchronous Token Fetching
      • Getting an Attestation Response Code
      • Getting the Rejection Reasons
    • Public Key Pinning Implementation
      • Setting Pins
      • Reacting to Configuration Changes
      • Reacting to Force Apply Pins
    • SDK Interface Reference
      • Initialization
      • Configuration Fetching
      • Getting the Device ID
      • Getting the Installation Public Key
      • Pins Extraction
      • Pins JSON Extraction
      • Fetch Result
      • Synchronous Token Fetch
      • Asynchronous Token Fetch
      • Synchronous Secure String Fetch
      • Asynchronous Secure String Fetch
      • Synchronous Custom JWT Fetch
      • Asynchronous Custom JWT Fetch
      • Development Key
      • Token Binding
      • Install Attributes
      • Integrity Measurement Proof
      • Device Measurement Proof
      • Account Message Signing
      • Installation Message Signing
      • Set User Property
      • Set Activity
    • Offline Security Mode
      • Use Case
      • Operational Flow
      • Backend Integration
      • Remote Hardware Integration
      • Requesting a Baseline Measurement
      • Persisting the Measurement Configuration
      • Getting a Measurement Proof
  • Web Protection Integration
    • Web Protection Flow
    • Implementing the Integrated Service Flow
      • Enable Web Protection for an API
      • Fingerprint
      • Google reCAPTCHA
      • hCaptcha
      • DPoP Token Use and Verification
      • Web Protection Metrics Presentation
      • Web Protection Service Reference
  • Quickstart Integrations
    • Frontend Web Browser
    • Mobile App
    • Backend API

© 2017-2025 Approov Ltd.