AppTego Documentation
Welcome to the public AppTego documentation. These guides help mobile, security, DevOps, and compliance teams protect Android and iOS apps, validate releases, automate protected builds, and operate AppTego in production.
AppTego works at the compiled-app level: you configure protection, submit an Android APK or App Bundle, or an iOS IPA, and receive a protected artifact that can be tested and released through your normal channels. The AppTego Portal and Automation API support .apk, .aab, and .ipa uploads; the first-party GitHub Actions and CircleCI integrations currently accept Android .apk and iOS .ipa inputs.
Choose Your Path
| If you want to... | Start here | Then go here |
|---|---|---|
| Understand the platform | Getting Started | Overview |
| Protect a first QA build | Overview | Uploading Apps |
| Decide which protections to enable | Security Controls | All Controls |
| Operate the portal day to day | AppTego Portal | Navigating the Portal |
| Move protection into CI/CD | CI/CD Integration | Automation API |
| Administer users, roles, and SSO | User Management | SAML SSO |
| Build internal tooling | Management API | Management API Overview |
| Diagnose a build or rollout issue | Troubleshooting | Support and Help |
Documentation Map
| Section | Best for | What you will find |
|---|---|---|
| Getting Started | New evaluators and first-time users | Product orientation, first-build path, architecture diagrams, supported platforms, plans, and FAQs. |
| Application Builds | Release engineers and QA teams | Upload flow, build statuses, signing choices, protected downloads, custom messages, and common failures. |
| AppTego Portal | Operators and tenant admins | Navigation, environments, dashboards, logs, users, SSO, billing, documents, support, and AI-assisted help. |
| Security Controls | Security engineers and app owners | Control categories, rollout strategy, response actions, platform guidance, and the full control index. |
| SDK Integration | Mobile engineers | Standard automatic injection and Enterprise Library Mode guidance. |
| CI/CD Integration | DevOps and release automation teams | GitHub Actions, CircleCI, artifact handling, secrets, and repeatable pipeline patterns. Use the direct Automation API path for Android App Bundle workflows. |
| Automation API | Build automation | The upload, status, and download API designed for CI/CD protection jobs. |
| Management API | Platform automation | Programmatic access to configuration, builds, users, tenant features, logs, and monitoring. |
| Troubleshooting | Anyone blocked during rollout | Fast triage for build, signing, CI/CD, authentication, configuration, and runtime issues. |
| Glossary | Everyone | Shared terminology used across AppTego docs and the portal. |
Recommended Rollout
Use this path when you are introducing AppTego to a production app for the first time.
- Confirm your app format, supported platform, signing model, release channel, and plan limits in Getting Started and Subscription and Billing.
- Choose a small baseline of detections and set them to Log so you can observe behavior before enforcing policy.
- Protect a QA build through Application Builds and test it on representative physical devices.
- Review security dashboard events, and use Device Logs when available on your plan, before moving noisy controls to stricter actions.
- Add prevention, network, integrity, and obfuscation controls according to your app sensitivity, plan, and rollout maturity.
- Promote configuration from Development to Staging to Production only after QA signs off on the protected build and the deployment-environment workflow is enabled for the tenant.
- Automate repeatable releases with GitHub Actions, CircleCI, or the Automation API. Use the Automation API directly when your Android pipeline produces
.aabartifacts. - Monitor production events, audit changes where available, and revisit response actions as your device population and threat model evolve.
Documentation Principles
These pages focus on customer-facing behavior: how to configure AppTego, protect apps safely, interpret results, and operate the platform. For tenant-specific build investigation, production incidents, account questions, or subscription changes, use Support and Help from the AppTego Portal when support tickets are available for your tenant.