Identity & Authorization APIs
The first GD (Good Dynamics) API call made when an application starts is the authorize call which authorizes the end user and establishes a connection between the application and the GD platform. Two types of activations occur:
- Infrastructure Activation – device registration at the Network Operating Center
- Enterprise Activation – association of device with provisioned end user via key
Calls to other GD APIs cannot be made until the authorize call is complete.
A GD application is uniquely identified by the GD Entitlement ID which uses a reverse domain name convention (e.g. com.good.gd.examples.remotedb). This identifier never changes. There is also a GD Entitlement Version used to identify new functionality in the app such as a shared service. This version number rarely changes.
Secure Storage APIs
There are 2 basic secure storage APIs, the File System and Database.
The File System API behaves like the default file system. But, all data within the secure file system is stored on the device in an encrypted form transparently to the app.
The Good Dynamics secure SQL database is based on the SQLite library. Encryption is added transparently to the app. Only the open call needs to be changed to use sqlite3enc_open.
Secure Communication APIs
The basic secure communications APIs are based on HTTP and TCP sockets. For either API, the application server can be on the Internet or on-prem behind the firewall. The GD HTTP Request API is based on the XML Http Request (XHR) standard. HTTPS security is supported as well. In either case no code changes are required and encryption/decryption is transparent.
The GD Socket API is for bi-directional data communications. SSL and TLS are supported. The GD Socket API is asynchronous and state-based. For more information, a recording of our webcast Good Dynamics Client – A Look at the Basic Security Services APIs (Part 2) from March 1st is available here.