Mobile App Third-Party SDKs

This endpoint gives access to the list of third-party SDKs found within an app during scanning.

See the Introduction for an overview of the API and information relevant to all API operations.

List Third-Party SDKs in Mobile Apps

This endpoint returns a JSON object with sdks_in_mobile_apps and pagination_information keys. sdks_in_mobile_apps provides a paginated list of SDKs that are contained within particular mobile apps. It may return a given SDK multiple times: once for each app it is contained within.

It also returns pagination_information, which provides details about the total number of entries for the current query, and the cursor for accessing the next page of results for the current query.

The endpoint supports the following query parameters:

cursor - Retrieve a page of SDKs-in-mobile-apps, starting the page at the specified cursor.
mobile_app_id - Filter the list of SDKs-in-mobile-apps to only those entries representing SDKs in the specified mobile app.
sdk_id - Filter the list of SDKs-in-mobile-apps based on the (non-app-specific) SDK ID. If used on its own, it will return one entry for each mobile app that contains the specified SDK.
currently_present - Filters the list of third-party SDKs based on the presence of the SDK during the most recent scan. This endpoint normally returns SDKs-in-mobile-apps that are currently in an app, as well as entries that represent an SDK that was previously included in an app (but currently removed or not present). Use this query parameter to limit the response to just those SDKs that are currently present, or SDKs that are no longer present. It can be set to:
- true
- false

Sample Request

1	GET https://api.securetheorem.com/apis/mobile_security/results/v2/sdks_in_mobile_apps?mobile_app_id=4567

Sample Response

{
  "sdks_in_mobile_apps": [
    {
      "id": "4567-005432",
      "sdk_id": "44d15a7a-e0b5-5a21-94b6-a61d5e427dc7",
      "mobile_app_id": "4567",
      "date_created": "2016-11-02T19:25:16.664990-00:00",
      "currently_present": true,
      "title": "FirebaseAnalytics",
      "description": "Insights on app usage.",
      "associated_domains": ["https://firebase.google.com"],
      "associated_security_finding_target_ids": ["001234", "56789"],
      "portal_url": "https://securetheorem.com/app/1234/sdks",
      "license_information": [
        {
          "detail": "Apache-2.0",
          "license": "APACHE"
        }
      ],
      "sdk_dependency_relationship": "3rd Party",
      "history": [
        {
          "date": "2020-04-01T19:25:16.664990-00:00",
          "present": false
        },
        {
          "date": "2020-03-23T19:25:16.664990-00:00",
          "present": true
        },
        {
         "date": "2020-02-13T19:25:16.664990-00:00",
         "present": true
        }
      ],
      "links": [
        {
          "href": "sdks_in_mobile_apps?mobile_app_id=4567&sdk_id=44d15a7a-e0b5-5a21-94b6-a61d5e427dc7",
          "rel": "self",
          "type": "GET"
        },
        {
          "href": "mobile_apps/4567",
          "rel": "mobile_app",
          "type": "GET"
        }
      ]
    }
  ],
  "pagination_information": {
    "total_count": "1",
    "next_cursor": "kEgkIjrCzvdns0QISRmoRc35kaXNjby1vcmRlci03"
  }
}

For any SDK response within the sdks_in_mobile_app object, it may include the following fields:

associated_security_finding_target_ids
- A list of Security Finding Target IDs which are related to the SDK.
associated_domains
- A list of domains which are related to the SDK.
license_information
- A list of licenses the SDK is released under.
  - license: States the license type.
  - detail: States details such as version or if the license has been modified.
sdk_dependency_relationship
- An estimate of how an SDK relates to the rest of the App.