Android SDK

This guide describes how to integrate the DataDome SDK in your Android application.


The DataDome SDK has two major benefits:

DataDome SDK offers protection of different type of fraud for your mobile application. It consists of a series of device checks aligned with a captcha challenge, which is shown in a suspicious traffic cases.

1 - Network tracking

Handles the 403 API response, generated by the DataDome server-side integration.

2 - Captcha display

Displays a captcha challenge in cases of suspicious traffic.

3 - Event Tracking

The SDK tracks user interactions inside the app when the app is active and sends it, asynchronously, to the DataDome API.

Installation (Android 16+):

Gradle dependency

build.gradle in the root:

allprojects {
    repositories {
        mavenCentral()
    }
}

build.gradle in the module, according to the version of the SDK you need, we usually recommend you to use the latest version:

dependencies {
    implementation 'co.datadome.sdk:sdk:1.8.0'
}

1 - Network tracking & Captcha

The default and recommended integration is with the OkHttp Client interceptor:

Manual integration is also available:

2 - Event tracking

We provide 2 event tracking types:

  • Touch screen tracking
  • Custom event tracking

Touch Screen Event tracking

@Override
  public boolean dispatchTouchEvent(MotionEvent event) {
    dataDomeSDK.handleTouchEvent(event);
    return super.dispatchTouchEvent(event);
}

Custom event Tracking

import android.app.Application;

class MainActivity extends AppCompatActivity {

    private DataDomeSDK.Builder dataDomeSDK;

    @Override
    protected void OnCreate (Bundle savedInstanceState) {
        super.onCreate(savedInstanceState);
        setContentView(R.layout.activity_main);

        dataDomeSDK = DataDomeSDK
                .with(getApplication(), "Client_Side_Key", BuildConfig.VERSION_NAME)
                .listener(DataDomeSDKListener);
    }
    [...]

    public void isClick(View v) {
        datadomeSDK.logEvent(102, "isClicked", MainActivity.class.getSimpleName())
    }
}

Use custom Accept header

By default, the DataDome SDK overrides the default Accept header for each API call to JSON.
Please follow the 2 steps below to change this behavior:

1 - Inside the Mobile app

Set the 4th parameter to true during Interceptor instantiation.

import android.app.Application;

class MainActivity extends AppCompatActivity {

    private DataDomeSDK.Builder dataDomeSDK;

    public void makeRequest(){

        OkHttpClient.Builder builder = new OkHttpClient.Builder();
        builder.addInterceptor(new DataDomeInterceptor(getApplication(), dataDomeSDKListener, "Client_Side_Key", BuildConfig.VERSION_NAME, true));
        OkHttpClient client = builder.build();
    }

    [...]
}

2 - DataDome Dashboard

Force the response format inside the mobile app endpoint settings to JSON.

Optional settings

Force a Captcha display

You can simulate a Captcha display using the framework by providing a user agent with the value BLOCKUA.
You can set the User-agent header value in your OkHttp request builder:

val request = Request.Builder()
                    .header("User-Agent", "BLOCKUA")
                    .url(url)
                    .build()

IMPORTANT NOTE
Make sure the BLOCKUA user agent is not used in production. Otherwise, the Captcha will appear at least once for each user.

Manual cookie handling

If you are using webviews in your application to display web pages that are protected with DataDome, you need to share the cookie between the HTTP client instances of native application part and the web pages, therefore a second Captcha won't be required on the web-based part of the app.

To share the DataDome cookie from the SDK to your webview instance, use the following API:

String cookie = dataDomeSdk.getCookie();
CookieManager.getInstance().setCookie(domain,"datadome="+cookie);
// your webview code
webview.loadUrl(url);

The getCookie API returns the last stored DataDome cookie value. We need to set this value to the webview CookieManager.
The getCookie method returns only the value of the cookie. If for some reasons, you need the DataDome cookie with all its attributes, use getCookieWithAttributes

To share the DataDome cookie from the webview instance to native part, you need to store the latest webview cookie, use the setCookie(cookie) API:

// Get webview cookies
String cookies = CookieManager.getInstance().getCookie(url);
// filterDatadomeCookie method
String datadomeCookie = DataDomeUtils.filterDatadomeCookie(cookies);
// store DataDome cookie
dataDomeSdk.setCookie(datadomeCookie);

filterDatadomeCookie method filter on DataDome cookie and is helpful when your CookieManager returns a string with other non-datadome cookies value. It can be implemented as below:

private String filterDatadomeCookie(String cookie) {
  String cookieName = "datadome=";
  String[] cookieSplit = cookie.split(cookieName);
  if (cookieSplit.length > 1) {
    if (cookieSplit[1].contains(";")) {
      return cookieName+cookieSplit[1].split(";")[0];
    }
    return cookieName+cookieSplit[1];
  }
  return "";
}

CookieJar handling

CookieJar manages HTTP cookies persistence.The CookieJar loadForRequest method handles the last value of saveFromResponse method which is not updated with the last DataDome cookie after resolving the captcha challenge. The override of this DataDome cookie lead to a failure of retried blocked requests.
In order to prevent this behavior, we implemented our DataDomeCookieJar to be included to the HTTP client, and it takes your customized CookieJar in parameter to take in account your cookies.

If you use CookieJar, please add this implementation to integration DataDomeCookieJar

// Integrating DataDomeCookieJar with your CookieJar instance as parameter
builder.cookieJar(dataDomeInterceptor.getDataDomeCookieJar(cookieJar))

This integration supports both custom CookieJar implementation and third party libraries.

Otherwise, if you are implementing the CookieJar interface and want to handle cookies with it, you would need to add explicitly the last DataDome cookie value by calling dataDomeSdk.getCookieWithAttributes() in CookieJar's loadForRequest cookies methods method which returns cookies for outgoing HTTP requests.

// Get the last DataDome cookie
String datadomeCookie = dataDomeSdkInstance.getCookieWithAttributes();
// Then add this datadomeCookie to the returned cookie list

Sample app

Below is a sample app demonstrating the implementation of DataDomeSDK in a basic Android application.