# App Management API

The App Management API allows you to upload apps directly to the DT environment. Once DT successfully receives the submitted app, a DT Representative makes sure that all the necessary checks have been performed, and then makes the app available for distribution via Ignite. The API offers two endpoints—one to upload the APK package and another to check the APK approval status. Authentication is facilitated by DT’s authentication service called Account Service. When called via its own API, it issues tokens to be included in the App Management API request headers. The diagram below gives an overview of App Management API integration.

{% @mermaid/diagram content="sequenceDiagram
autonumber

```
participant P as Partner
box DT
    participant A as Account Service
    participant D as App Management
end

P->>A: POST api/post/auth/token<br/>{client_id, client_secret}
A-->>P: {access_token}

note over P: Upload app APK
P->>D: POST upload_apk/external_user<br/>(Auth: Bearer {access_token})
D-->>P: Response<br/>{upload_status, samsung_approval_status, manual_approval_status}

break
    D->>D: APK undergoes<br/>checks
end

note over P: Checking APK approval status
P->>A: POST api/post/auth/token<br/>{client_id, client_secret}
A-->>P: {access_token}

P->>D: GET apks_external/{id}<br/>(Auth: Bearer {access_token})<br/>{id}
D-->>P: Response<br/>{upload_status, samsung_approval_status, manual_approval_status}" %}
```

## Authentication <a href="#h_01hvw5z5gsy9y23yqvp7h96vkx" id="h_01hvw5z5gsy9y23yqvp7h96vkx"></a>

All calls to App Management API must include in the header a token issued by DT's authentication service—Account Service. To acquire this token, use the Account Service API: send **POST api/auth/token** and pass your **client\_id** and **client\_secret** in the request body. These parameters are provided by your DT Representative. The token you need to use is passed in the **access\_token** parameter. Note that the authentication token lifetime is 1 hour.

## POST /api/auth/token <a href="#h_01jqc21m92gczf839xefy53tkx" id="h_01jqc21m92gczf839xefy53tkx"></a>

Request a token from Account Service authentication service by passing credentials as body payload.

### Base URL <a href="#h_01jqc215bxpbksk3mb58sxsmm6" id="h_01jqc215bxpbksk3mb58sxsmm6"></a>

`PROD: https://account.digitalturbine.com`

### Headers <a href="#h_01jqc215bxajf46r7w5gd2ba18" id="h_01jqc215bxajf46r7w5gd2ba18"></a>

`Accept: application/json`

`Content-Type: application/json`

### Request example <a href="#h_01jqc215bxtn8h7gt73nsbgwar" id="h_01jqc215bxtn8h7gt73nsbgwar"></a>

```json
{
  "client_id": "820f2060-d373-4bdc-8de3-cdfa17d12a07",
  "client_secret": "v6yR06Iv5Oxac7Hm-CCgrorUqL9iZvD4_cUlQaGw3muxCaN-cagDuxQXM1KakJyJAUfx1pIdhMEw1Fjvbq4USQ",
  "grant_type": "client_credentials",
  "scope": "openid email roles"
}
```

### Request parameters <a href="#h_01jqc215bxe6j6r5dje9823b3d" id="h_01jqc215bxe6j6r5dje9823b3d"></a>

| Parameter      | Type   | Status   |                                              |
| -------------- | ------ | -------- | -------------------------------------------- |
| client\_id     | String | Required | Client UUID. Provided by DT Representative.  |
| client\_secret | String | Required | Hashed value. Provided by DT Representative. |
| grant\_type    | Enum   | Required | Always pass `client_credentials`.            |
| scope          | String | Required | Always pass `openid email roles`.            |

### Response example <a href="#h_01jqc215bxbnh6p9e94a4ywrhv" id="h_01jqc215bxbnh6p9e94a4ywrhv"></a>

```json
{
  "access_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6Ikp...",
  "expires_in": 3600,
  "scope": "openid email roles",
  "token_type": "Bearer"
}
```

### Response parameters <a href="#h_01jqc215bxhgnd6egvq5vee2gx" id="h_01jqc215bxhgnd6egvq5vee2gx"></a>

| Parameter     | Type    | Status   | Description                                                    |
| ------------- | ------- | -------- | -------------------------------------------------------------- |
| access\_token | String  | Required | Token to be used in headers of requests to App Management API. |
| expires\_in   | Integer | Required | Token lifetime in seconds, always `3600`.                      |
| token\_type   | Enum    | Required | Always `Bearer`.                                               |
| scope         | String  | Required | Always `openid email roles`.                                   |

## POST /v1/upload\_apk/external\_user <a href="#h_01jqc23bm1ke6yvys26sf8vtp5" id="h_01jqc23bm1ke6yvys26sf8vtp5"></a>

Upload an APK to Ignite.

### Base URL <a href="#h_01jqc23bm14mw8j3egxse99mvc" id="h_01jqc23bm14mw8j3egxse99mvc"></a>

`PROD: https://appmanagement.gcp-us-east1.gcp-prod.digitalturbine.io`

### Headers <a href="#h_01jqc23bm1q6bgfnmk04yg1281" id="h_01jqc23bm1q6bgfnmk04yg1281"></a>

`Authorization: Bearer your_token`

`Content-Type: application/json`

### Request example <a href="#h_01jqc23bm1af2zbt9yap92zy49" id="h_01jqc23bm1af2zbt9yap92zy49"></a>

```json
{
  "fallback_url": "string",
  "variant_segment_ids": [
    "3fa85f64-5717-4562-b3fc-2c963f66afa6"
  ],
  "send_to_samsung": true,
  "store_metadata":{
    "package_name":"com.fungame.myfungame",
    "category":"Game",
    "size":38700124,
    "short_description":"A fun game",
    "icon_url":"https://cdn.fungame.com/icons/icon.png",
    "website_url":"https://fungame.com",
    "developer":"Fun Game Studio",
    "email":"support@fungame.com",
    "market_url":"https://play.google.com/store/apps/details?id=com.fungame.myfungame",
    "privacy_policy_url":"https://fungame.com/privacy-policy",
    "permissions":{
      "access_network_state":{
        "en":"Access network information",
        "root_cat":"Network"
      }
    } 
  }
}
```

### Request parameters <a href="#h_01jqc23bm1xa7gmk9grak37aey" id="h_01jqc23bm1xa7gmk9grak37aey"></a>

| Parameter                                              | Type    | Status   | Description                                                                                                      |
| ------------------------------------------------------ | ------- | -------- | ---------------------------------------------------------------------------------------------------------------- |
| `file`                                                 | Binary  | Required | The APK file itself.                                                                                             |
| `fallback_url`                                         | String  | Required | URL where APK is available from.                                                                                 |
| `variant_segment_ids`                                  | Array   | Required | UUIDs of segments.                                                                                               |
| `send_to_samsung`                                      | Boolean | Required | Whether the APK needs to be verified by Samsung.                                                                 |
| `store_metadata`                                       | Object  | Required | Metadata for the APK.                                                                                            |
| `store_metadata.package_name`                          | String  | Required | APK package name. This metadata specification must match the uploaded APK. A mismatch makes the request invalid. |
| `store_metadata.category`                              | String  | Required | App category for the app.                                                                                        |
| `store_metadata.size`                                  | Number  | Required | Size, in bytes, of the APK file.                                                                                 |
| `store_metadata.short_description`                     | String  | Required | Brief description of the app.                                                                                    |
| `store_metadata.icon_url`                              | String  | Required | URL for app icon.                                                                                                |
| `store_metadata.developer`                             | String  | Required | Name of the app developer.                                                                                       |
| `store_metadata.email`                                 | String  | Required | Email address to contact the app developer.                                                                      |
| `store_metadata.website_url`                           | String  | Required | URL for the developer's website.                                                                                 |
| `store_metadata.market_url`                            | String  | Required | Store URL for the app.                                                                                           |
| `store_metadata.privacy_policy_url`                    | String  | Required | URL to the developer's privacy policy.                                                                           |
| `store_metadata.permissions`                           | Object  | Required | List of permissions that the app requires in order to run properly.                                              |
| `store_metadata.permissions.{property1}`               | Object  | Required | Name of the permission. For example, if your app requires network access, specify `access_network_state`.        |
| `store_metadata.permissions.{property1}.{description}` | String  | Required | Two-character language designation for the permission and the permission description in the specified language.  |
| `store_metadata.permissions.{property1}.{category}`    | String  | Required | Category of the permission.                                                                                      |

### Response example <a href="#h_01jqc23bm18x6hv4vw3wgzd5nm" id="h_01jqc23bm18x6hv4vw3wgzd5nm"></a>

```json
{
  "data": {
    "id": "string",
    "type": "string",
    "attributes": {
      "id": "string",
      "upload_status": "string",
      "samsung_approval_status": "string",
      "manual_approval_status": "string"
    }
  }
}
```

### Response parameters <a href="#h_01jqc23bm1r628dkw12djb1dg7" id="h_01jqc23bm1r628dkw12djb1dg7"></a>

| Parameter                 | Type   | Status   | Description                                                                                                                                                                                                                                                                                                                                                             |
| ------------------------- | ------ | -------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| `data`                    | Object | Required |                                                                                                                                                                                                                                                                                                                                                                         |
| `id`                      | String | Required | Identifier of the APK (same as `data.attributes.id`)                                                                                                                                                                                                                                                                                                                    |
| `type`                    | String | Required | Type of the response object. Ex.: `ApkStatuses`                                                                                                                                                                                                                                                                                                                         |
| `attributes`              | Object | Required |                                                                                                                                                                                                                                                                                                                                                                         |
| `id`                      | String | Required | <p>Identifier of the APK (same as <code>data.id</code>).<br>Use this ID in your <a href="#h_01jqc23bm17s8494cby0kz9ht9">GET /v1/apks\_external/{id}</a> requests when checking the APK status.</p>                                                                                                                                                                      |
| `upload_status`           | String | Required | <p>Status of the APK upload to Ignite:<br><code>\[COMPLETED, SCHEDULED, ERROR]</code></p>                                                                                                                                                                                                                                                                               |
| `samsung_approval_status` | String | Required | <p>Status of the APK verification by Samsung:<br><code>\[NOT\_REQUESTED, SCHEDULED, COMPLETED, ERROR]</code></p><p>In some situations it may take about one day for the approval status to change to <code>COMPLETED</code>. Use <a href="#h_01jqc23bm17s8494cby0kz9ht9">GET /v1/apks\_external/{id}</a> to check the status.</p>                                       |
| `manual_approval_status`  | String | Required | <p>Status of the APK verification by DT Representative:<br><code>\[NOT\_REQUESTED, PENDING, APPROVED]</code>.</p><p>Since this verification is done manually, in some situations it may take some time for the approval status to change to <code>APPROVED</code>. Use <a href="#h_01jqc23bm17s8494cby0kz9ht9">GET /v1/apks\_external/{id}</a> to check the status.</p> |

## GET /v1/apks\_external/{id} <a href="#h_01jqc23bm17s8494cby0kz9ht9" id="h_01jqc23bm17s8494cby0kz9ht9"></a>

Get status of uploaded APK.

### Base URL <a href="#h_01jqc23bm1ngp3r65q7z096gmp" id="h_01jqc23bm1ngp3r65q7z096gmp"></a>

`PROD: https://appmanagement.gcp-us-east1.gcp-prod.digitalturbine.io`

### Headers <a href="#h_01jqc23bm1a8g7rf6xxm3pnqzc" id="h_01jqc23bm1a8g7rf6xxm3pnqzc"></a>

`Authorization: Bearer your_token`

`Content-Type: application/json`

### Request example <a href="#h_01jqc23bm1cf5b16f45vegksjv" id="h_01jqc23bm1cf5b16f45vegksjv"></a>

```json
{
  "id": "string"
}
```

### Request parameters <a href="#h_01jqc23bm12tf5d2vye8eyn8dr" id="h_01jqc23bm12tf5d2vye8eyn8dr"></a>

| Parameter | Type   | Status   | Description                                                                                                                                       |
| --------- | ------ | -------- | ------------------------------------------------------------------------------------------------------------------------------------------------- |
| `id`      | String | Required | Identifier of uploaded APK. This is passed in `id` parameter of response to [POST /v1/upload\_apk/external\_user](#h_01jqc23bm1ke6yvys26sf8vtp5). |

### Response example <a href="#h_01jqc23bm19ht1bpp1041w5z3n" id="h_01jqc23bm19ht1bpp1041w5z3n"></a>

Same as [/v1/upload\_apk/external\_user](#h_01jqc23bm18x6hv4vw3wgzd5nm).

### Response parameters <a href="#h_01jqc23bm1s0sxg60tqnb4nsgs" id="h_01jqc23bm1s0sxg60tqnb4nsgs"></a>

Same as [/v1/upload\_apk/external\_user](#h_01jqc23bm1r628dkw12djb1dg7).

<br>