Appearance
Application Submission
This section details how to submit applications to Pradeo Security for analysis through the Mobile Threat Intelligence platform.
Overview
You can submit applications in two ways:
- Upload Application Binary - Submit APK/IPA files directly for analysis
- Search Application Database - Search for applications already in our database
Upload Application Binary
Submit an application binary by uploading it to the centralized applications store.
Requirements
- File format: APK (Android) or IPA (iOS)
- Valid application binary
- Proper authentication headers
API Endpoint
bash
POST /v2/applications-catalog/uploadExample Request
bash
curl -X POST "https://api.pradeo-security.com/v2/applications-catalog/upload" \
-H "x-access-key: YOUR_ACCESS_KEY" \
-H "x-secret-key: YOUR_SECRET_KEY" \
-F "app=@/path/to/your/app.apk"Response
json
{
"id": "<application-id>",
"status": "processing",
"createdAt": "2024-01-15T10:00:00Z"
}Track ID: Save this ID to monitor the submission status. The application is queued for analysis in our centralized applications store.
Processing
Once uploaded:
- The application is transferred to our centralized applications store
- Our system analyzes the binary for security threats
- A detailed report is generated with findings
- You can retrieve the report using the application ID
Note: Analysis may take time depending on application size and queue. Check back periodically using the application ID.
Search Application Database
Search for applications already in our database.
API Endpoint
bash
POST /v2/applications-catalog/searchSearch by Package Name
bash
curl -X POST "https://api.pradeo-security.com/v2/applications-catalog/search" \
-H 'Content-Type: application/json' \
-H "x-access-key: YOUR_ACCESS_KEY" \
-H "x-secret-key: YOUR_SECRET_KEY" \
-d '{
"search": "com.facebook.katana"
}'Search by Application Name
bash
curl -X POST "https://api.pradeo-security.com/v2/applications-catalog/search" \
-H 'Content-Type: application/json' \
-H "x-access-key: YOUR_ACCESS_KEY" \
-H "x-secret-key: YOUR_SECRET_KEY" \
-d '{
"search": "Facebook"
}'Response
json
{
"id": "<track-id>",
"status": "searching",
"createdAt": "2024-01-15T10:00:00Z"
}The search will crawl our database looking for matching applications. If found, results will be available for retrieval.
Best Practices
- Format: Ensure applications are in valid APK/IPA format
- Version Information: Include version details for accurate matching
- Batch Processing: Submit multiple applications efficiently
- Track IDs: Save track IDs for monitoring progress
- Retry Logic: Implement exponential backoff when checking analysis status
- Error Handling: Handle cases where applications cannot be analyzed
Error Handling
Common Errors
| Status Code | Meaning | Solution |
|---|---|---|
| 400 | Bad Request | Check request format and parameters |
| 401 | Unauthorized | Verify access key and secret key |
| 403 | Forbidden | Check permission level and features enabled |
| 404 | Not Found | Application may not exist in database |
| 413 | Payload Too Large | Application binary exceeds size limit |
Next Steps
- Security Reports - Retrieve analysis reports
- Overview - Back to MTI integration overview