Skip to content

Appdome/appdome-api-python

BranchesTags

Repository files navigation

Appdome Python Client Library

Python client library for interacting with https://fusion.appdome.com/ tasks API.

Each API endpoint has its own file and main function for a single API call.

appdome_api.py contains the whole flow of a task from upload to download.

All APIs are documented in https://apis.appdome.com/docs.

For detailed information about each step and more advanced use, please refer to the detailed usage examples

Requirements

  • Python 3.6 or later
  • requests library **>= 2.26.0`

Basic Flow Usage

Examples

Android Example:

python3 appdome_api.py \
--api_key <api key> \
--fusion_set_id <fusion-set-id> \
--team_id <team-id> \
--app <apk/aab file> \
--sign_on_appdome \
--keystore <keystore file> \
--keystore_pass <keystore password> \
--keystore_alias <key alias> \
--key_pass <key password> \
--output <output apk/aab> \
--build_to_test_vendor <bitbar,saucelabs,browserstack,lambdatest,perfecto,firebase,aws_device_farm,app_debug,app_profiler> \
--certificate_output <output certificate pdf> \
--deobfuscation_script_output <file path for downloading deobfuscation zip file> \
--build_overrides <json_file_path> \
--context_overrides <json_file_path> \
--sign_overrides <json_file_path>
--firebase_app_id <app-id for uploading mapping file for crashlytics (requires --deobfuscation_script_output and firebase CLI tools)>
--datadog_api_key <datadog api key for uploading mapping file to datadog (requires --deobfuscation_script_output)>
--baseline_profile <zip file for build with baseline profile>
--input_mapping <txt file for build with input obfuscation/minimization mapping>
--cert_pinning_zip <zip file containing dynamic certificates>
--signing_fingerprint_list <path_to_json_file> \
--new_bundle_id <new bundle id>
--new_version <new app version>
--new_build_num <new app build number>
--new_display_name <new app display name>

Android SDK Example:

python3 appdome_api_sdk.py \
--api_key <api key> \
--fusion_set_id <fusion-set-id> \
--team_id <team-id> \
--app <aar> \
--output <output aar> \
--certificate_output <output certificate pdf> \
--build_overrides <json_file_path>

iOS Example:

python3 appdome_api.py \
--api_key <api key> \
--fusion_set_id <fusion-set-id> \
--team_id <team-id> \
--app <ipa file> \
--sign_on_appdome \
--keystore <p12 file> \
--keystore_pass <p12 password> \
--provisioning_profiles <provisioning profile file> <another provisioning profile file if needed> \
--entitlements <entitlements file> <another entitlements file if needed> \
--output <output ipa> \
--certificate_output <output certificate pdf> \
--build_overrides <json_file_path> \
--context_overrides <json_file_path> \
--sign_overrides <json_file_path>
--cert_pinning_zip <zip file containing dynamic certificates>
--new_bundle_id <new bundle id>
--new_version <new app version>
--new_build_num <new app build number>
--new_display_name <new app display name>

iOS SDK Example:

python3 appdome_api_sdk.py \
--api_key <api key> \
--fusion_set_id <fusion set id> \
--team_id <team id> \
--app <zip file> \
--keystore <p12 file> \  # only needed for sign on Appdome
--keystore_pass <p12 password> \ # only needed for sign on Appdome
--output <output zip> \
--certificate_output <output certificate pdf> \
--build_overrides <json_file_path>

Signing Fingerprint List (Android only)

The --signing_fingerprint_list option allows you to specify a list of trusted signing fingerprints for Android applications. This is useful when you need to trust multiple signing certificates.

Important Notes:

  • This option is only valid for Android applications (APK/AAB files)
  • It is mutually exclusive with --google_play_signing, --signing_fingerprint, and --signing_fingerprint_upgrade
  • You cannot use --signing_fingerprint_list together with any of the other signing fingerprint options

Usage

--signing_fingerprint_list <path_to_json_file>

JSON File Format: The JSON file should contain an array of fingerprint objects. Each object must include:

  • SHA: The SHA-1 or SHA-256 certificate fingerprint (required)
  • TrustedStoreSigning: true/false Indicates whether the certificate fingerprint is used for store submissions (e.g., Google Play). (Optional; defaults to false)

Example JSON file (fingerprints.json):

[
  {
    "SHA": "E71186B4D94016F0A3F2A68DF5BC75D27CA307663C6DFDE5923084486D43150E",
    "TrustedStoreSigning": false
  },
  {
    "SHA": "857444B499AAABF7DF388DEA89CC2DA0258273B7C1B091866FA1267E8AA3495D",
    "TrustedStoreSigning": true
  },
  {
    "SHA": "C11E39F29C946A6408E5C5EA65D94FCB05C0DB302B43E6A8ABCB01256257442A",
    "TrustedStoreSigning": true
  }
]

Fields:

  • SHA: The SHA-1 or SHA-256 fingerprint of the signing certificate (required)

Update Certificate Pinning

To update certificate pinning, you need to bundle your certificates and mapping file into a ZIP archive and pass it to your build command.

What to include

  • Certificate files (one per host), in any of these formats:
    • .cer
    • .crt
    • .pem
    • .der
    • .zip
  • JSON mapping file (e.g. pinning.json), with entries like: 
    {
  "api.example.com": "api_cert.pem",
  "auth.example.com": "auth_cert.crt"
}

How to run

Gather all certificate files and pinning.json into a single certs_bundle.zip. Invoke your build with:

your-build-command --cert_pinning_zip=/path/to/certs_bundle.zip

About

Python library for interacting with https://fusion.appdome.com/ tasks API

Resources

Readme

License

Apache-2.0 license
Activity
Custom properties

Stars

11 stars

Watchers

4 watching

Forks

7 forks
Report repository

Releases 5

1.5.0 Latest
Oct 27, 2025
+ 4 releases

Packages

 
 
 

Contributors

Languages