The auto-instrumentation process instruments your iOS apps for monitoring with OneAgent. The instrumentation process is an automated way of adding OneAgent to an app without manually modifying its source code. An auto-instrumented app is equivalent to an app that is manually instrumented for basic data collection. This level of instrumentation provides visibility into the real user experience delivered by your app. It also enables crash detection and performance monitoring related to app start-up and web request response times.
You can use the Public Key Hash Pinning (PKH) feature for authentication.
Public key pinning is risky and will cause problems if not set up correctly. If you make a mistake, your app might pin a set of keys that validates authentication today but stops working at some unknown point in the future. In such a case, your app will no longer be able to connect to the server and will most likely stop working until it's updated with a new set of keys.
Go to the OneAgent distribution package, open the Certificate Pinning folder, and run the getPKHashFromCertificate.py
script to generate hashes from your certificates.
python getPKHashFromCertificate.py <path to your cert>.<der|pem> --type <DER | PEM>
The output should look like this:
CERTIFICATE INFO----------------subject= *****issuer= *****SHA1 Fingerprint= ******---------------------- DTXDomainPins item ----------------------DTXPKHash: SomePublicKeyHash=DTXPKHashAlgoritm: DTXAlgorithmRsa2048
In your Info.plist
file, use the script output as an array under the DTXPublicKeyPins
configuration key.
<key>DTXPublicKeyPins</key><array><dict><key>DTXPKHash</key><string>SomePublicKeyHash=</string><key>DTXPKHashAlgoritm</key><string>DTXAlgorithmRsa2048</string></dict><dict>...script output 2...</dict><dict>...script output 3...</dict></array>
If you don't have the OneAgent distribution package, you can download it from your mobile app settings.
If the HTTP requests of OneAgent don't fulfill the security requirements of your server infrastructure, you can modify the HTTP headers of OneAgent with Dynatrace.setBeaconHeaders([String : String]?)
. This feature allows you to add an Authorization
header to the HTTP requests and immediately reconnect to the Cluster ActiveGate when the token has expired. To delete the old headers, call Dynatrace.setBeaconHeaders(nil)
.
Dynatrace.setBeaconHeaders(["Cookie" : "n1=v1; n2=v2", "MyHeader" : "MyHeader", "Authorization" : "API-Token aa11bb22cc33dd44ee55"]) //set headers onto beaconlet headers: Dictionary<String, String>? = Dynatrace.beaconHeaders() //request the headers that have been set//listen for communication problems (for example, if beacon header contains a token that can expire required to pass a firewall)NotificationCenter.default.addObserver(forName: NSNotification.Name(rawValue: Dynatrace.getCommunicationProblemNotificationName()), object: nil, queue: nil) { _ in//for example, update beacon header with new token}