Skip to main content

Managing Android keystore files

This guide describes how to manage your Android keystore files with the Bitrise API. If you’d like to learn more about how to do the same on the UI, please check out Android code signing.

EndpointsFunctionRequired role on the app's team
GET/apps/{app-slug}/android-keystore-filesGet a list of Android keystore filesOwner or Admin
POST/apps/{app-slug}/android-keystore-filesCreate an Android keystore fileOwner or Admin
DELETE/apps/{app-slug}/android-keystore-files/{android-keystore-file-slug}Delete an Android keystore fileOwner or Admin

Listing the Android keystore files of an appClick to copy link

Required role

You must have an admin or owner role on the app's team to manage Android keystore files using the Bitrise API.

For a complete list of user roles and role cheatsheets, check User roles on app teams.

Retrieve a list of the Android keystore files of an app with the GET method of the android-keystore-files endpoint. The returned data includes, among other things, the names of the files, their size, as well as their current status.

The required parameter is:

  • app slug

Optional parameters are:

  • next: slug of the first file in the response (as a string)
  • limit: max number of elements per page (as an integer) where the default is 50.

Getting all Android keystore files of an app

Request:

curl -X GET -H  'Authorization: THE-ACCESS-TOKEN' 'https://api.bitrise.io/v0.1/apps/APP-SLUG/android-keystore-files'

Response:

{
  "data": [
    {
      "upload_file_name": "simplesample.jks",
      "upload_file_size": 2062,
      "slug": "01GDFZW5DZED3DQD4VK835FKTP",
      "processed": true,
      "is_expose": true,
      "is_protected": false,
      "user_env_key": "ANDROID_KEYSTORE",
      "exposed_meta_datastore": {
        "PASSWORD": "",
        "ALIAS": "",
        "PRIVATE_KEY_PASSWORD": ""
      }
    }
  ],
  "paging": {
    "total_item_count": 1,
    "page_item_limit": 50
  }

Creating and uploading Android keystore filesClick to copy link

Required role

You must have an admin or owner role on the app's team to manage Android keystore files using the Bitrise API.

For a complete list of user roles and role cheatsheets, check User roles on app teams.

To add an Android keystore file to your app using the API, you will need to:

  1. Call the POST method of the android-keystore-files endpoint with the upload_file_name and upload_file_size parameters.

  2. Upload the file to AWS using the upload_url parameter from the response.

  3. Confirm the file upload with a POST call of the uploaded endpoint.

    This sets the processed flag of the file to true. This flag can't be changed again afterwards!

Creating and uploading a new Android keystore file

Creating the file:

curl -X POST -H 'Authorization: THE-ACCESS-TOKEN' 'https://api.bitrise.io/v0.1/apps/APP-SLUG/android-keystore-files' -d '{"upload_file_name":"simplesample.jks","upload_file_size":2062}'

Response:

{
  "data": {
    "upload_file_name": "simplesample.jks",
    "upload_file_size": 2062,
    "slug": "01GDFYTF2DXZZSWGMCF0ZTVSB9",
    "processed": false,
    "is_expose": true,
    "is_protected": false,
    "upload_url": "https://concrete-userfiles-production.s3.us-west-2.amazonaws.com/project_file_storage_documents/uploads/129261/original/simplesample.jks?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAIV2YZWMVCNWNR2HA%2F20220921%2Fus-west-2%2Fs3%2Faws4_request&X-Amz-Date=20220921T120206Z&X-Amz-Expires=600&X-Amz-SignedHeaders=content-length%3Bhost&X-Amz-Signature=ce3c66fa144ba6ca9478cff3b72c49e024779f64ba961ddfc84060f65ea92562",
    "user_env_key": "ANDROID_KEYSTORE",
    "exposed_meta_datastore": {
      "PASSWORD": "",
      "ALIAS": "",
      "PRIVATE_KEY_PASSWORD": ""
    }
  }
}

The file name, its size, slug, and a pre-signed upload URL are retrieved (along with some attributes that you can modify). This pre-signed upload URL is a temporary link which you will use to upload the Android keystore file to its destination.

Uploading the file to AWS using the value of the upload_url parameter:

curl -T simplesample.jks 'https://concrete-userfiles-production.s3-us-west-2.amazonaws.com/build_certificates/uploads/30067/original/certs.p12?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Content-Sha256=UNSIGNED-PAYLOAD&X-Amz-Credential=AKIAIOC7N256G7J2W2TQ%2F20180216%2Fus-west-2%2Fs3%2Faws4_request&X-Amz-Date=20180216T124240Z&X-Amz-Expires=600&X-Amz-SignedHeaders=content-length%3Bhost&X-Amz-Signature=2bf42176650f00405abfd7b7757635c9be16b43e98013abb7f750d3c658be28e'

Confirming the upload:

curl -X POST -H 'Authorization: THE-ACCESS-TOKEN' 'https://api.bitrise.io/v0.1/apps/APP-SLUG/android-keystore-files/ANDROID-KEYSTORE-FILE-SLUG/uploaded'

Downloading an Android keystore fileClick to copy link

Uploaded Android keystore files are stored in the General File Storage. You can retrieve them at any time by getting the download URL from the android-keystore-files endpoint.

To call the endpoint, you need the file slug returned when uploading the keystore file and the app slug.

curl -X GET "https://api.bitrise.io/v0.1/apps/APP-SLUG/android-keystore-files/ANDROID-KEYSTORE-FILE-SLUG" -H "accept: application/json" -H "Authorization: ACCESS-TOKEN"

The response will contain a download_url property, containing the URL in a string. You can use that URL to download the file itself.

Availability of the download_url

Note that the download_url is generated only when the file’s is_protected attribute is false.