Mobile App Scans Endpoints

These API operations let you access information about the scans of registered mobile apps within your organization’s Data Theorem account.

List Mobile App Scans

This API operation gives you better insight regarding a mobile apps scan history by fetching all scans performed for a given mobile app. The data that is returned contains two keys: scans and pagination_information. The scans key contains a page of scans for the desired mobile app (identified in the URL and on the scan by the mobile_app_id). The pagination_information provides the cursor for the next page, as well as the total number of scans for the specified mobile app.

For the response, here are all the possible values that are returned from the API:

  • status: Current state of the scan in question.

    • ONGOING
    • COMPLETED
  • build_source: Where the binary was received from (If available, otherwise omitted).

    • DT_UPLOAD_FORM
    • DT_UPLOAD_API
    • GOOGLE_PLAY_STORE
    • ITUNES_STORE
    • APPCENTER

The response may also include the following optional fields. They are included based on whether certain information is available, or under certain circumstances

  • build_version:
    • The app version found in the binary that started this scan. Might be omitted if we cannot extract the version.
  • most_recently_scanned_build_version:
    • The app version found in the binary that was scanned. This is usually the same as the build_version, but if another binary is received before the scan completes, then the newer build will also be scanned as a part of this scan.
  • release_id:
    • The release ID associated with the binary that started this scan.
    • For APP_STORE apps, it always set by Data Theorem. For uploaded apps, a release ID can be specified when the app is uploaded.
  • most_recently_scanned_release_id:
    • The release ID found in the binary that was scanned. This is usually the same as the release_id, but if another binary is received before the scan completes, then the newer binary will also be included in the scan (and mentioned here).
  • end_date:
    • The date of when the scan in question finished. Omitted when the scan is still ongoing.
  • build_source_uploading_user:
    • If the scan was initiated by a user uploading the mobile app’s binary, then this will be set to that user’s email address. Otherwise, it will be omitted.

Sample Request

1
GET https://api.securetheorem.com/apis/mobile_security/results/v2/mobile_apps/:mobile_app_id/scans

Sample Response

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
{
"pagination_information": {
"total_count": "2"
},
"scans": [
{
"build_version": "1.21.0",
"id": "2345678901",
"mobile_app_id": "1234567890",
"release_id": "2020-02-29-1.21.0",
"start_date": "2020-02-29T06:01:11.628550+00:00",
"status": "ONGOING",
"upload_date": "2020-02-29T06:01:11.628550+00:00"
},
{
"build_version": "1.20.2",
"end_date": "2020-02-07T06:21:20.545420+00:00",
"id": "3456789022",
"mobile_app_id": "1234567890",
"most_recently_scanned_build_version": "1.20.3",
"most_recently_scanned_release_id": "2020-02-07-1.20.3",
"release_id": "2020-02-07-1.20.2",
"start_date": "2020-02-07T06:01:09.865928+00:00",
"status": "COMPLETED",
"upload_date": "2020-02-07T06:01:09.865928+00:00"
}
]
}

Get Mobile App Scan

This API operation returns a particular scan. The scan must be identified by both the mobile_app_id and the scan’s id, although the scan’s id is globally unique.

Sample Request

1
GET https://api.securetheorem.com/apis/mobile_security/results/v2/mobile_apps/:mobile_app_id/scans/:id

Sample Response

1
2
3
4
5
6
7
8
{
"end_date": "2018-09-21T00:55:18.078320+00:00",
"id": "3456789012",
"mobile_app_id": "2345678901",
"start_date": "2018-09-20T10:00:28.723706+00:00",
"status": "COMPLETED",
"upload_date": "2018-09-20T10:00:28.723706+00:00"
}