Ostorlab Integration with App Center

Overview

In this guide, we will explore how to easily integrate Ostorlab automated security testing for Android and iOS mobile apps into your build process.

Video Demonstration

Watch this brief video for a visual walkthrough of the integration process.

Create App Center API Key:

Click on the app for which you want to create a configuration.

Click 'insecure_app_ostorlab'

Navigate to "Settings".

Click 'Settings'

Click on the edit icon for App API tokens.

Click here

Select the "New API token" button.

Click 'New API token'

Enter a brief description.

Fill 'ostorlab scanner webhook'

Select "Full Access".

Fill 'all'

Click on the "Add new API token" button.

Click 'Add new API token'

Make sure to copy your API key token.

Click here

Create the Configuration:

Click the menu button.

Click here

Next, click "Library" to expand.

Click 'Library'

Access the Integrations page.

Click 'Integrations'

Go to the App Center.

Click here

Go to the Configuration settings.

Click 'Configuration'

Create a new configuration.

Click 'New'

All the fields are required except for UI rules and test credentials. Ensure that the app name, owner name, and API key match the ones you obtained from App Center.

Fill 'insecure-app-ostorlab'

Save the configuration.

Click 'Save'

Verify the Configuration on App Center:

Click on the edit icon for Webhooks.

Click here

You should be able to see a webhook with the status ENABLED.

Click here

Conclusion

This guide covers the steps required to effectively and easily integrate Ostorlab autonomous security testing for Android and iOS mobile apps into your App Center build process.