App Inspections API

Use the App Inspections API to request an application inspection or get an inspection report that was previously generated for the latest version of the application. Use an Inspection Report to evaluate an app against your organization’s unique set of criteria so that you can make an informed decision about whether an app is safe and reliable. This data can also help you determine the most appropriate set of application policies to apply to the application. While an inspection is pending, or if unacceptable risk is detected, you can disable the app within the App Catalog to prohibit users from installing it.

EASE uses Appthority™ to perform an inspection. Appthority provides an App Risk Management service that employs static, dynamic, and behavioral analysis to immediately discover the hidden actions of apps and generate an inspection report that qualifies and quantifies an app’s reputation. For more information on app inspections, see Inspect an Application.

Note

Inspecting applications is a premium feature that is disabled by default. If you are interested in using this feature and it is not enabled for your organization, contact your Apperian Sales representative.

Resources

GET /v1/applications/(app_psk)/inspections/

Get Inspection Report for Latest Version of Application

Requires administrator privileges. Authenticate as an EASE administrator.

Gets the inspection report for the latest version of the application, if one is available. If a report has not yet been generated for the application, this resource returns an error. Use the POST /applications/(app_psk)/inspections/ resource to request an inspection report for the application.

URLs

Environment URL
North America https://na01ws.apperian.com/v1/applications/<int:app_psk>/inspections/
Europe https://eu01ws.apperian.eu/v1/applications/<int:app_psk>/inspections/

URL Parameters

app_psk
(Required) Unique ID of the application for which you want to retrieve the inspection report. DATA TYPE: integer

Header Parameter

X-TOKEN
(Required) Session token returned by POST /users/authenticate.

Data Parameters

None

Example Request

curl -X GET "https://na01ws.apperian.com/v1/applications/123/inspections/"
 --header "X-TOKEN: eTg8ktZXRqKIBJTHunwP6A"

Example Response

The following response shows a portion of a report. To view a response showing a complete report, see Sample Application Inspection Report.

{
   "report": {
         "psk": 540,
         "verified_date": "2014-02-23T18:51:56.676763+00:00",
         "version": {
           "psk": 24664
         },
         "report_json": {
           "short": {
                 "reports_stores_creds_no_encypt": "false",
                 "receive_encrypted": true,
                 "ad_networks": false,
                 "reports_sends_address_book": "false",
                 "reports_sends_email_arch": "false",
                 "twitter": false,
                 "reports_buy_apps": "false",
                 "receive_mms": false,
                 "app_id": 2408962,
                 "buy_apps": false,
                 "reports_sends_udid": "false",
                 "reports_identify_user": "true",
                 "reports_attempts_root_device": "false",
                 "reports_mic": "false",
                 "reports_sends_sms_archive": "false",
                 "receive_sms": false,
                 "reports_camera": "false",
                 "malware": false,
                 "identify_user": true,
                 "reports_cloud_storage_required": "false",
                 "reports_sends_imei": "false",
                 "send_encrypted": true,
                 "send_mms": false,
                 "reports_crash": "false",
                 "platform": 20,
                 "version": "0",
                 "reports_ad_networks": "false",
                 "application_name": null,
                 "reports_agad_detected": "false",
                 "permission": [],
                 "reports_sends_calendar": "false",
                 "publisher": "Unknown",
                 "reports_bluetooth": "false",
                 "reports_read_calendar": "false",
                 "location_tracking": true,
                 "social_networking": false,
                 "facebook": false,
                 "read_address_book": false,
                 "vpn": false,
                 "reports_cloud_storage": "false",
                 "voip": false,
                 "reports_sms_activity": "false",
                 "reports_read_address_book": "false",
                 "reports_internet": "true",
                 "read_calendar": false,
                 "reports_malware_detected": "false",
                 "reports_cloud_storage_default": "false",
                 "reports_social_networking": "false",
                 "read_emails": false,
                 "send_sms": false,
                 "reports_spyware_detected": "false",
                 "reports_location_tracking": "true",
                 "source": "User",
                 "urls": [
                   "analytics.localytics.com",
                   "subject.CN",
                   "www.apple.com",
                   "developer.apple.com"
 .
 .
 .

}
POST /v1/applications/(app_psk)/inspections/

Request Inspection Report

Requires administrator privileges. Authenticate as an EASE administrator.

Requests an inspection report for the application.

URLs

Environment URL
North America https://na01ws.apperian.com/v1/applications/<int:app_psk>/inspections/
Europe https://eu01ws.apperian.eu/v1/applications/<int:app_psk>/inspections/

URL Parameters

app_psk
(Required) Unique ID of the application you want to inspect. DATA TYPE: integer

Header Parameter

X-TOKEN
(Required) Session token returned by POST /users/authenticate.

Data Parameters

None

Example Request

curl -X POST "https://na01ws.apperian.com/v1/applications/123/inspections/" --header "X-TOKEN: eTg8ktZXRqKIBJTHunwP6A"

Example Response

In the response, inspection_status indicates the status of the request:

  • -1 (Error) An error occured during the inspection.
  • 1 (Uploading) The report is uploading to Appthority.
  • 2 (Pending) EASE is waiting for a response from Appthority; the report should be available shortly.
  • 3 (Verified) The report is ready and available.
{
  "inspection_status": 3
}
PUT /v1/applications/(app_psk)/inspections/cancel/

Cancel Application Inspection

Requires administrator privileges. Authenticate as an EASE administrator.

Cancels an in-progress application inspection.

URLs

Environment URL
North America https://na01ws.apperian.com/v1/applications/<int:app_psk>/inspections/cancel
Europe https://eu01ws.apperian.eu/v1/applications/<int:app_psk>/inspections/cancel

URL Parameters

app_psk
(Required) Unique ID of the application for which you want to cancel the in-progress inspection. DATA TYPE: integer

Header Parameters

X-TOKEN
(Required) Session token returned by POST /users/authenticate.

Data Parameters

None

Example Request

curl -X PUT https://na01ws.apperian.com/v1/applications/6413/inspections/cancel --header "X-TOKEN: hShU5OD-SiadD8gyC_K4HA"

Example Response

{
     "canceled": True
}