# Android

## Introduction <a href="#how-the-sdk-works" id="how-the-sdk-works"></a>

The SDK supports programmatic integration with Kotlin or Java.

{% hint style="info" %}
These instructions assume that you have already read the [Developer Guide](/mobile-sdk-v2.3.0/developer-guide-sdk-v2.3.0.md). If you have not yet done so, please do so before continuing below.
{% endhint %}

This SDK comes with examples: a full Android Studio project is enclosed, written in Java. You can play with this example to understand how SDK integration works.

## Installation <a href="#installation" id="installation"></a>

Unpack the **ReblazeSDK.zip** to your computer, and add the dependency:

In the project **build.gradle**:

```
allprojects {
    repositories {
        maven { url "file:${sdkRootDir}/libs/android/" }
    }
}
```

… and then in the module **build.gradle**, add the SDK:

```
implementation 'com.reblaze.sdk:mobile-sdk:2.3.0'
```

After you click *Sync Project with Gradle files*, the library will be available, and Android Studio will insert the **import** statement in your source files that need it:

```
import static com.reblaze.sdk.Reblaze.reblaze;
```

### **About ReLinker support**

For historical reasons, the example includes dependency on ReLinker.

```
implementation 'com.getkeepsafe.relinker:relinker:1.4.3'
```

If your app also uses ReLinker, then the Link11 WAAP SDK can make use of it. The `proguard.txt` that is shipped in the SDK bundle, includes this rule to keep ReLinker classes and methods, to make sure to add keep rules so that ReLinker code is not stripped from the final app or dex file.

```
-keep class com.getkeepsafe.relinker.** { *; }
```

## Finding the App Signature <a href="#finding-the-app-signature" id="finding-the-app-signature"></a>

For an Android app, you can get the SHA-256 fingerprint from the **keystore** or extract it from a signed APK:

```
apksigner verify --print-certs -v <APK_FILE>
```

{% hint style="info" %}
**apksigner** is a utility supplied with Android SDK, it can typically be found in `$ANDROID_SDK/build-tools/$BUILD_TOOLS_VERSION`directory.
{% endhint %}

See detailed instructions [here](https://security.stackexchange.com/questions/178936/how-to-verify-sha256-fingerprint-of-apk).

When uploading the fingerprint to the L11WAAP console, make sure that it contains hexadecimal characters only, in lowercase, without spaces.

During testing, you may allow running the app on an Emulator. This will use a special signature: `"abadbabe"`. Make sure that this is disabled on Production. Note that you can also use [Offline Testing](/mobile-sdk-v2.3.0/developer-guide-sdk-v2.3.0.md#offline-testing-mock) both on Emulator and on a physical device. The DEBUG signature "abadbabe" can be used for running the application on simulator (emulator) and devices in the debug mode. To use it, add "abadbabe" to the signatures section and make it active:

<figure><img src="/files/y1EnVyRzJZiOx3oayxBc" alt=""><figcaption></figcaption></figure>

There is a protocol between the SDK and the backend that negotiates the signature remotely and notifies the system of a new one, if such was generated. The communication between the components takes place under the /74d8-ffc3-0f63-4b3c-c5c9-5699-6d5b-3a1f endpoint, and when a new signature is introduced, it will be provided as a value for the header named "sig7" (see screenshot below), the signature can have 7 or more characters. This new signature shall then be added to the app signatures list under the Mobile SDK settings in the L11WAAP console. To find it easily in the View Log, use this filter:

`url~74d8-ffc3-0f63-4b3c-c5c9-5699-6d5b-3a1f`

<figure><img src="/files/zz6RSFTUSWB4toNurNCk" alt=""><figcaption></figcaption></figure>

## **Initialization and Configuration** <a href="#initialize-instantiate-the-sdk" id="initialize-instantiate-the-sdk"></a>

We recommend using no-code configuration. You need to supply a resource string **ReblazeURL** in your application resources, e.g. by dropping the following file into the **res/values** directory of your Android Studio project:

{% tabs %}
{% tab title="reblaze.xml" %}

```
<resources>
  <string name="ReblazeURL" translatable="false">
    https://rbzdns.example.com
  </string>
</resources>
```

{% endtab %}
{% endtabs %}

All other parameters will be received though [Remote Configuration](/mobile-sdk-v2.3.0/developer-guide-sdk-v2.3.0.md#remote-configuration).

If you prefer to configure the SDK programmatically, it's best to override the Application's [`onCreate()`](https://developer.android.com/reference/android/app/Application#onCreate\(\))

{% tabs %}
{% tab title="Kotlin" %}

```kotlin
override fun onCreate() {
    super.onCreate()
    reblaze.interval = 200
    reblaze.reportCounters = ReportCounters.NONE
    reblaze.backendUrl = "<YOUR-BACKEND-SERVICE-URL>"
}
```

{% endtab %}

{% tab title="Java" %}

```java
@Override
public void onCreate() {
    super.onCreate();
    reblaze.setInterval(400);
    reblaze.setReportCounters(ReportCounters.NONE);
    reblaze.setBackendUrl("<YOUR-BACKEND-SERVICE-URL>");
} 
```

{% endtab %}
{% endtabs %}

{% hint style="info" %}
On Android, the **userAgent** property is a shortcut for `System.getProperty("http.agent")`
{% endhint %}

## Auto-signing WebView Requests <a href="#auto-signing-webview-requests" id="auto-signing-webview-requests"></a>

You can use [`loadRequest`](https://developer.apple.com/documentation/webkit/wkwebview/1414954-loadrequest) or [`loadUrl`](https://developer.android.com/reference/android/webkit/WebView#loadUrl\(java.lang.String,%20java.util.Map%3Cjava.lang.String,%20java.lang.String%3E\)) to load a page that will be securely signed by Mobile SDK. But this will not extend signatures for the links embedded in the page, or AJAX requests and other resources. To include these, your WebView should use the **WebViewClient** class from the **com.reblaze.sdk** package.

{% tabs %}
{% tab title="Kotlin" %}

```kotlin
import com.reblaze.sdk.WebViewClient
...
webView.webViewClient = WebViewClient()
```

{% endtab %}

{% tab title="Java" %}

```java
import com.reblaze.sdk.WebViewClient;
...
webView.webViewClient = new WebViewClient();
```

{% endtab %}
{% endtabs %}

The snippet above shows that **com.reblaze.sdk.WebViewClient** extends the Android **WebViewClient** and can be further extended if necessary. All HTTPS requests for such webView that go to your **backendUrl** will be automatically signed by the SDK.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://waap.docs.link11.com/mobile-sdk-v2.3.0/android.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.