This topic describes how to integrate Anti-Bot SDK into iOS apps. In this topic, Anti-Bot
SDK is referred to as SDK. Before you can enable the app protection feature for your
iOS apps, you must integrate the SDK into your iOS apps.
Limits
Your iOS apps must use iOS 9.0 or later. If the API version is earlier than 9.0, the SDK cannot work as expected.
Prerequisites
- The app protection feature is purchased and enabled.
For more information, see Procedure to enable app protection.
- The SDK for iOS apps is obtained.
After you purchase the app protection feature, you can contact technical support in
the DingTalk service group to obtain the SDK. You can also submit a ticket to obtain the SDK.
The SDK has two versions: Identifier for Advertising (IDFA) version and non-IDFA version.
The two versions use the following SDK files:
- AliTigerTally_IDFA.framework
- AliTigerTally_NOIDFA.framework
If you use the IDFA version, we recommend that you integrate the SDK of the AliTigerTally_IDFA
version into your iOS apps. If you use the non-IDFA version, we recommend that you
integrate the SDK of the AliTigerTally_NOIDFA version into your iOS apps.
- The SDK authentication key, namely the
app key
, is obtained.
To obtain the app key, log on to the
Web Application Firewall console and choose . On the Bot Management tab of the Website Protection page, turn on
App Protection and click
Obtain and Copy Appkey. The SDK authentication key is used in the integration code to initiate an SDK initialization
request.
Note The app key
obtained for all domain names in the current Alibaba Cloud account is the same and
unique, regardless of whether you integrate the SDK into Android apps or iOS apps.

Authentication key example:
****OpKLvM6zliu6KopyHIhmneb_****u4ekci2W8i6F9vrgpEezqAzEzj2ANrVUhvAXMwYzgY_****vc51aEQlRovkRoUhRlVsf4IzO9dZp6nN_****Wz8pk2TDLuMo4pVIQvGaxH3vrsnSQiK****
Background information
The SDK is used to sign requests that are sent by apps. Web Application Firewall (WAF)
verifies the signatures in the requests to identify risks in app services and block
malicious requests.
(Optional) Create a test iOS project
You can integrate the SDK into a real iOS project. You can also integrate the SDK
into a test iOS project to familiarize yourself with the integration operations before
you integrate the SDK into a real iOS project.
The following example shows how to use Xcode to create a test iOS project.
The following figure shows a test project named
TigerTally_sdk_test.

Procedure
- Use Xcode to open the test iOS project and enter the file directory.
- Copy the SDK to the project.
- The following figure shows the SDK of the non-IDFA version.

- The following figure shows the SDK of the IDFA version.

- Add dependency libraries to the project.
Dependency library |
Non-IDFA |
IDFA |
libc++.tbd |
Required |
Required |
CoreTelephony.framework |
Required |
Required |
libresolv.9.tbd |
Required |
Required |
AdSupport.framework |
Not required |
Required |

- Open Build Settings and add -ObjC to the Other Linker Flags option.

- Add the integration code.
- Add a header file.
Sample code:
- Objective-C
// Non-IDFA version
#import <AliTigerTally_NOIDFA/AliTigerTally.h>
// IDFA version
#import <AliTigerTally_IDFA/AliTigerTally.h>
- Swift
// Create a header file.
#ifndef TigerTally_sdk_Swift_h
#define TigerTally_sdk_Swift_h
// Non-IDFA version
#import <AliTigerTally_NOIDFA/AliTigerTally.h>
// IDFA version
#import <AliTigerTally_IDFA/AliTigerTally.h>
#endif /* TigerTally_sdk_Swift_h */
You must add the header file that you create to the
Objective-C Bridging Header option on
Build Settings.

- Specify a user ID.
Function:
-(void)setAccount:(NSString*)account
Description: configures a user ID in requests. This way, you can configure WAF protection
policies in a more efficient manner.
Parameter: <account> which specifies the user ID. Data type: NSString*. We recommend that you enter a
masked user ID.
Return value: none.
Sample code:
- Objective-C
// testAccount indicates an example of the user ID string.
//If the logon user is a guest, you do not need to call this function. You can directly call the initialization function.
[[AliTigerTally sharedInstance] setAccount:@"testAccount"];
- Swift
// testAccount indicates an example of the user ID string.
//If the logon user is a guest, you do not need to call this function. You can directly call the initialization function.
AliTigerTally.sharedInstance().setAccount("testAccount")
- Initialize the SDK.
Function:
-(bool)initialize:(NSString*)appKey
Description: initializes the SDK and performs one-time information collection. One-time
information collection allows you to collect terminal information for one time. If
you want to collect terminal information again, call the initialize function.
Interface parameter: <appKey> specifies the SDK authentication key. Data type: NSString*.
Return value: A value that indicates whether the initialization is successful. Data
type: bool. The value true indicates that the initialization is successful. The value
false indicates that the initialization failed.
Sample code:
- Objective-C
NSString *appKey=@"****OpKLvM6zliu6KopyHIhmneb_****u4ekci2W8i6F9vrgpEezqAzEzj2ANrVUhvAXMwYzgY_****vc51aEQlRovkRoUhRlVsf4IzO9dZp6nN_****Wz8pk2TDLuMo4pVIQvGaxH3vrsnSQiK****";
if([[AliTigerTally sharedInstance]initialize:appKey]){
NSLog(@"The initialization is successful.");
}else{
NSLog(@"The initialization failed.");
}
- Swift
let binit = AliTigerTally.sharedInstance().initialize("****OpKLvM6zliu6KopyHIhmneb_****u4ekci2W8i6F9vrgpEezqAzEzj2ANrVUhvAXMwYzgY_****vc51aEQlRovkRoUhRlVsf4IzO9dZp6nN_****Wz8pk2TDLuMo4pVIQvGaxH3vrsnSQiK****")
if(binit){
NSLog("The initialization is successful.");
}else{
NSLog("The initialization failed.");
}
- Sign request data.
Function:
-(NSString*)vmpSign:(NSData*)inputBody
Description: signs the input data and returns the signature string.
Parameter: <inputBody> which specifies the data body to be signed. Data type: NSData*.
Return value:
- Normal return results: A signature string is returned. Data type: NSString*.
- Abnormal return results
Return result |
Description |
Solution |
you must call initialize |
The initialize function is not called.
|
Call the initialize function to initialize the SDK. Then, call the vmpSign function.
|
you must input body |
The data body to be signed is not specified. |
When you call the vmpSign function, specify the data body <inputBody> to be signed.
|
NULL |
The initialization is not complete, and request data failed to be signed. |
Call the vmpSign function again.
If this issue repeatedly occurs, contact technical support in the DingTalk service
group. You can also submit a ticket to contact technical support.
|
Sample code:
Note In the following sample code, the signature string is defined as wToken.
- Objective-C
if(![[AliTigerTally sharedInstance]initialize:@"xxxxxxxxxxxxxxxxxxxxx"])
{
NSLog(@"The initialization failed.");
return;
}
NSString *signBody =@"hello";
NSString *wToken= [[AliTigerTally sharedInstance] vmpSign:[signBody dataUsingEncoding:NSUTF8StringEncoding]];
NSLog(@"wToken== %@",wToken);
- Swift
if(!AliTigerTally.sharedInstance().initialize("xxxxxxxxxxxxxxxxxxxxx")){
NSLog("The initialization failed.");
return
}
let signBody = "hello"
var token = AliTigerTally.sharedInstance().vmpSign(signData)
NSLog(token);
- Add the signature string to the header and send requests to the server of your iOS
apps.
The signature string is submitted to the server for business-critical events, such
as client logon request events. WAF receives requests that are destined for the server,
parses the signature string wToken to identify and block malicious requests, and then forwards normal requests to the
server.
Sample code:
- Objective-C
NSURL * url = [NSURL URLWithString:@"https://xxxxxx/test?id=123"];
NSMutableURLRequest *request=[NSMutableURLRequest requestWithURL:url cachePolicy:NSURLRequestUseProtocolCachePolicy timeoutInterval:10];
[request setValue: wToken forHTTPHeaderField: @"wToken"];
request.HTTPMethod=@"post";
request.HTTPBody=[signBody dataUsingEncoding:NSUTF8StringEncoding];
NSURLSessionDataTask *dataTask = [[NSURLSession sharedSession] dataTaskWithRequest:request completionHandler:^(NSData * _Nullable data, NSURLResponse * _Nullable response, NSError * _Nullable error) {
if(error){
NSLog(@"The data fails to be sent.%@", error);
}else
{
NSLog(@"The data is sent.");
}
}];
[dataTask resume];
- Swift
guard let url = URL(string: "https://xxxxxx/test?id=123") else { return }
var request = URLRequest(url: url)
request.httpMethod = "POST"
request.addValue(token, forHTTPHeaderField: "wToken")
let session = URLSession.shared
session.dataTask(with: request) { (data, response, error) in
if let data = data {
do {
print("OK")
} catch {
print("ERROR")
print(error)
}
}
}.resume()
}