Android SDK
Integrate TrustPin into your Android application for comprehensive certificate pinning security.
Platform Requirements
| Platform | Minimum Version |
|---|---|
| Android | API 21+ (Recommended: API 25+) |
| JVM | Java 11+ |
Kotlin Version: 2.3.0+
Note: While the SDK supports Android API 21+, we recommend API 25+ (Android 7.1) for improved security features and TLS 1.2 support by default.
Installation
Gradle (Kotlin DSL)
Add TrustPin to your build.gradle.kts:
dependencies {
implementation("cloud.trustpin:kotlin-sdk:[4.0.0,5.0.0)")
}Gradle (Groovy)
Add to your build.gradle:
dependencies {
implementation 'cloud.trustpin:kotlin-sdk:[4.0.0,5.0.0)'
}Maven
Add to your pom.xml:
<dependency>
<groupId>cloud.trustpin</groupId>
<artifactId>kotlin-sdk</artifactId>
<version>[4.0.0,5.0.0)</version>
</dependency>Quick Start
1. Get Your Credentials
Sign in to the TrustPin Dashboard and retrieve:
- Organization ID
- Project ID
- Public Key (Base64-encoded)
2. Initialize TrustPin
Add this to your Application class:
import cloud.trustpin.kotlin.sdk.TrustPin
import cloud.trustpin.kotlin.sdk.TrustPinMode
import android.app.Application
import androidx.lifecycle.lifecycleScope
import kotlinx.coroutines.launch
class MyApplication : Application() {
override fun onCreate() {
super.onCreate()
lifecycleScope.launch {
try {
TrustPin.setup(
organizationId = "your-org-id",
projectId = "your-project-id",
publicKey = "your-base64-public-key",
mode = TrustPinMode.STRICT
)
println("TrustPin initialized")
} catch (e: Exception) {
println("TrustPin setup failed: ${e.message}")
}
}
}
}Don’t forget to register your Application class in AndroidManifest.xml:
<application
android:name=".MyApplication"
...>
</application>3. Add Network Permission
Ensure your AndroidManifest.xml includes:
<uses-permission android:name="android.permission.INTERNET" />Integration Approaches
TrustPin offers multiple integration methods:
| Approach | Best For | Setup Complexity |
|---|---|---|
| OkHttp Integration (Recommended) | Most Android apps | 🟢 Minimal |
| Retrofit Integration | REST API clients | 🟢 Minimal |
| Ktor Client Integration | Kotlin multiplatform | 🟡 Medium |
| Manual Certificate Verification | Custom implementations | 🟠 Advanced |
OkHttp Integration (Recommended)
The easiest way to integrate TrustPin with OkHttp:
import cloud.trustpin.kotlin.okhttp.TrustPinSSLSocketFactory
import okhttp3.OkHttpClient
class NetworkManager {
private val httpClient by lazy {
val sslSocketFactory = TrustPinSSLSocketFactory.create()
OkHttpClient.Builder()
.sslSocketFactory(sslSocketFactory, sslSocketFactory.trustManager())
.build()
}
// Use with Retrofit
val retrofit = Retrofit.Builder()
.baseUrl("https://api.example.com/")
.client(httpClient)
.addConverterFactory(GsonConverterFactory.create())
.build()
}Best Practices
Setup & Initialization
- Initialize in
Application.onCreate()for app-wide coverage - Use coroutine scope for async setup
- Handle setup errors gracefully - don’t block app launch
- Set log level before setup for complete logging
Security
- Use
TrustPinMode.STRICTin production - Monitor pin validation failures
- Use SPKI or rotate pins before expiration
- Keep credentials secure (use BuildConfig or environment variables)
- Use HTTPS for all pinned domains
Performance
- Configuration caching is automatic (10-minute TTL)
- Reuse OkHttpClient instances
- Use minimal log levels in production
- Initialize early in app lifecycle
Complete Documentation
For detailed information on all integration approaches (Retrofit, Ktor, HttpsURLConnection), advanced configuration, error handling, ProGuard rules, and production deployment, visit the complete documentation:
Resources
- Kotlin API Docs: trustpin-cloud.github.io/kotlin.sdk
- Dashboard: app.trustpin.cloud
- Support: support@trustpin.cloud