App Device Integrity Server

This is the App Device Integrity Server. It can be used in conjunction with the App Device Integrity for Flutter.

Note that this project is intended to be a reference on how we can implement this anti-fraud feature on the server side.
For Apple App Attest, I have used the appattest-checker-node package, but feel free to adapt and use another one, like the node-app-attest

Here is an example of how we can make a post request data body after we receive the attestationToken and keyId on iOS:

{
    "challenge" : "challenge_generated_by_server",
    "attestToken" : "attest_token_in_base64_format",
    "platform" : "IOS",
    "keyId" : "keyid_from_app_attest"
}

It is recommended as a good practice to use a database like MongoDB to store challenges and, mainly, keyIds from iOS devices, to improve fraud attempts.

Name		Name	Last commit message	Last commit date
Latest commit History 2 Commits
.vscode		.vscode
controllers		controllers
middlewares		middlewares
services		services
utils		utils
.env.example		.env.example
.gitignore		.gitignore
README.MD		README.MD
app.js		app.js
docker-compose.yml		docker-compose.yml
package-lock.json		package-lock.json
package.json		package.json

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

App Device Integrity Server

About

Uh oh!

Releases

Packages

Languages

Erluan/app_device_integrity_server

Folders and files

Latest commit

History

Repository files navigation

App Device Integrity Server

About

Resources

Uh oh!

Stars

Watchers

Forks

Releases

Packages 0

Languages

Packages