This document outlines the setup process for the Mobile Protect SDK in Apache Cordova applications. The onboarding steps are similar to those for native iOS and Android apps, but each platform is addressed separately.
iOS: Add Mobile Protect SDK
Repo API Key
Mobile Protect builds are served from the following git repository: https://mobile-protect-repos.securetheorem.com/mobileprotect-ios
Access via SPM and CocoaPods, or Clone the Repo
To clone the repo:
git clone https://any:{REPO_API_KEY}@mobile-protect-repos.securetheorem.com/mobileprotect-ios
You can avoid the need for directly referencing the Repo API Key by adding it to your environment's .netrc file. Add the following to ~/.netrc (create the file if it doesn't already exist):
machine mobile-protect-repos.securetheorem.com
password {REPO_API_KEY}
Replace {REPO_API_KEY} with your real Mobile Protect Repo API Key.
Using CocoaPods
1. Initialize CocoaPods
Skip this step if your project already uses CocoaPods and has a Podfile.
Navigate to the iOS project directory in your Cordova project. This is usually located at platforms/ios/.
cd platforms/ios/
Initialize CocoaPods in this directory:
pod init
2. Add the MobileProtect Pod
Open the Podfile created in your project directory using a text editor and add the MobileProtect pod:
# platform :ios, '9.0' target 'HelloWorld' do use_frameworks! # Unpinned version pod 'MobileProtect' # Specific version pod 'MobileProtect', '~> 25.0.3' end
'HelloWorld' would be replaced with the real target name of your Cordova iOS project.
3. Install the Pod
Run the following command in the same directory to initiate the download of Mobile Protect:
pod install
Using Swift Package Manager (SPM)
1. Open the Project's Xcode Workspace (.xcworkspace)
Navigate to the iOS project directory in your Cordova project. This is usually located at platforms/ios/.
cd platforms/ios/
Open project's .xcworkspace file.
open *.xcworkspace
2. Add the Mobile Protect SPM Package
Enter the following URL in Xcode, File → Add Package Dependencies… → Enter Package URL:
https://spm:{REPO_API_KEY}@mobile-protect-repos.securetheorem.com/mobileprotect-ios
Replace {REPO_API_KEY} with your real Repo API Key. If the Repo API Key has already been added to your environment's .netrc file, spm:{REPO_API_KEY}@ can be omitted from the URL.
iOS: Mobile Protect Configuration
Add the Mobile Protect Config
Copy the MobileProtect.plist config file into the project, place it in the Target root. See Add Existing Files and Folders to a Project for instructions.
Android: Add Mobile Protect SDK
1: Add the Mobile Protect Maven Repository
The Mobile Protect for Android SDK is hosted on a private Maven repository. To be able to fetch the dependency, you must first register the dependency within your Gradle manifest.
You will need to add our repository to the plugin repositories, and declare it in your settings.gradle file:
pluginManagement {
repositories {
mavenCentral()
gradlePluginPortal()
google()
// Mobile Protect Maven Repository
maven {
credentials {
// Leave the username as "MAVEN"
username "MAVEN"
password "$MOBILEPROTECT_REPO_API_KEY"
}
url "<https://mobile-protect-repos.securetheorem.com/mobileprotect-android>"
}
}
}
Our plugin will then download its project dependencies so you will also need to add our repository to your project’s build.gradle file:
allprojects {
repositories {
mavenCentral()
google()
// Mobile Protect Maven Repository
maven {
credentials {
// Leave the username as "MAVEN"
username "MAVEN"
password "$MOBILEPROTECT_REPO_API_KEY"
}
url "https://mobile-protect-repos.securetheorem.com/mobileprotect-android"
}
}
}
Note: If you use settings for dependency management (for ex. if you see the error “Build was configured to prefer settings repositories over project repositories”) the Data Theorem repository will need to be added in settings.gradle under dependencyResolutionManagement->repositories.
2. Add the Mobile Protect Gradle Plugin
Declare the plugin within your project’s build.gradle as follows:
plugins {
id "com.dtplugin.mobileprotect" version("$VERSION")
// If you want to auto update to the latest use: version("+")
}
Note: If you encounter duplication issues because you have both TrustKit and MobileProtect, you can use the com.dtplugin.mobileprotect-notrustkit artefact and keep TrustKit as is.
3: Initialize Mobile Protect
Now you're ready to initialize the SDK. Within your application's main Application class, preferably in the onCreate() method, add the following code:
MobileProtect.init(this, R.xml.mobileprotect);
Android: Mobile Protect Configuration
Add the Mobile Protect Config
In the Android project, create the xml directory (/app/src/main/res/xml) if it does not exist. Then, copy the mobileprotect.xml config file into the xml resources folder.
The AUTH_TOKEN key contained in the configuration file is not sensitive. The key is only used to identify the data sent by Mobile Protect to the backend, but cannot be used to pull any data from the app nor the backend. It is safe to commit and have the token in the .apk as it is used as an identifier, similar to Google's Firebase: https://firebase.google.com/docs/projects/api-keys .