A Ruby quickstart example demonstrating server-side verification of Approov tokens to ensure API requests originate from trusted mobile apps without relying on any framework.
Quickstart Approov integration example for Ruby without depending on a framework.
This tool is used by backend developers to integrate Approov token verification into Ruby-based API services, ensuring that only requests from verified mobile app instances are processed. It is ideal for teams looking to enhance API security by validating mobile app authenticity without depending on a specific Ruby framework.
By default, the tool uses symmetric HS256 keys, which require careful secret management; for enhanced security, it is recommended to use asymmetric keys (e.g., RS256) to separate signing and verification keys. Proper environment variable management and secure storage of the Approov secret are critical. Logging and error handling should be expanded in production implementations for better observability.
1. Install Approov CLI and initialize it as per official documentation
2. Register your API domain with: approov api -add api.example.com
3. Enable Approov admin role with: eval `approov role admin` (or set APPROOV_ROLE in Windows PowerShell)
4. Retrieve the Approov secret with: approov secret -get base64
5. Add the Approov secret to your .env file as APPROOV_BASE64_SECRET
6. Install required Ruby gems with: gem install jwt (and gem install dotenv if not already installed)
7. Add the provided Ruby code snippet to your project to perform token verification
approov api -add api.example.com
Registers the API domain for which Approov will issue tokens.
eval `approov role admin`
Enables the Approov admin role in the current shell session.
$env:APPROOV_ROLE = "admin:___YOUR_APPROOV_ACCOUNT_NAME_HERE___"
Sets the Approov admin role environment variable in Windows PowerShell.
approov secret -get base64
Retrieves the Approov secret in base64 format for use in token verification.
gem install jwt
Installs the Ruby JWT library used for decoding and verifying Approov tokens.
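The token verification step refers to a Ruby snippet that is not reproduced on this page. The following is an added example, not Approov's code: it shows the checks an HS256 verification has to make, written with Ruby's standard library instead of the jwt gem so each check is visible. The names verify_approov_token, make_demo_token and DEMO_BASE64_SECRET are hypothetical, and the secret and tokens are constructed for the example.

```ruby
require 'openssl'
require 'json'

# Constructed demo value standing in for the output of `approov secret -get base64`
# (normally read from ENV['APPROOV_BASE64_SECRET']). Not a real secret.
DEMO_BASE64_SECRET = ['constructed-demo-secret'].pack('m0')

def b64url_encode(bytes)
  [bytes].pack('m0').tr('+/', '-_').delete('=')
end

def b64url_decode(segment)
  (segment.tr('-_', '+/') + '=' * ((4 - segment.length % 4) % 4)).unpack1('m0')
end

# Constant-time comparison so a mismatch does not leak how many bytes matched.
def secure_equal?(a, b)
  a.bytesize == b.bytesize && a.bytes.zip(b.bytes).reduce(0) { |acc, (x, y)| acc | (x ^ y) }.zero?
end

# Hypothetical helper: returns the claims hash for a valid token, nil otherwise.
def verify_approov_token(token, base64_secret, now: Time.now.to_i)
  parts = token.to_s.split('.', -1)
  return nil unless parts.length == 3 && parts.none?(&:empty?)

  header = JSON.parse(b64url_decode(parts[0]))
  # Pin the algorithm server-side; never let the token header choose it.
  return nil unless header.is_a?(Hash) && header['alg'] == 'HS256'

  expected = OpenSSL::HMAC.digest('SHA256', base64_secret.unpack1('m'), parts[0..1].join('.'))
  return nil unless secure_equal?(expected, b64url_decode(parts[2]))

  claims = JSON.parse(b64url_decode(parts[1]))
  # Require an expiry claim that is still in the future.
  return nil unless claims.is_a?(Hash) && claims['exp'].is_a?(Numeric) && claims['exp'] > now
  claims
rescue JSON::ParserError, ArgumentError, EncodingError
  nil # fail closed on malformed input
end

# Test-only: mints a constructed token signed with the shared secret.
def make_demo_token(claims, base64_secret, alg: 'HS256')
  signing_input = [{ alg: alg, typ: 'JWT' }, claims].map { |p| b64url_encode(JSON.generate(p)) }.join('.')
  signature = OpenSSL::HMAC.digest('SHA256', base64_secret.unpack1('m'), signing_input)
  "#{signing_input}.#{b64url_encode(signature)}"
end
```

In a request handler, a nil result maps to rejecting the request (for example with a 401) before any business logic runs.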