SDK Android

This guide describes how to integrate the DataDome SDK in your Android application.


The DataDome SDK has two major benefits:

DataDome SDK offer a protection of different type of frauds to your mobile application. It consists of some device checks aligned with a captcha challenge shown in a suspicious traffic cas.

1 - Network tracking & Captcha

Handles the 403 API response, generated by the DataDome server-side integration, to display the Captcha.

2 - Event Tracking

The SDK tracks user interactions inside the app, only when the app is active, and sends it to the DataDome API.

Installation (Android 16+):

Gradle dependency

build.gradle in the root:

allprojects {
    repositories {
        mavenCentral()
    }
}

build.gradle in the module, according to the version of the SDK you need, we usually recommend you to use the latest version:

dependencies {
    implementation 'co.datadome.sdk:sdk:1.8.0'
}

1 - Network tracking & Captcha

The default and recommended integration is with the OkHttp Client interceptor:

Manual integration is also available:

2 - Event tracking

We provide 2 event tracking types:

  • Touch screen tracking
  • Custom event tracking

Touch Screen Event tracking

@Override
  public boolean dispatchTouchEvent(MotionEvent event) {
    dataDomeSDK.handleTouchEvent(event);
    return super.dispatchTouchEvent(event);
}

Custom event Tracking

import android.app.Application;

class MainActivity extends AppCompatActivity {

    private DataDomeSDK.Builder dataDomeSDK;

    @Override
    protected void OnCreate (Bundle savedInstanceState) {
        super.onCreate(savedInstanceState);
        setContentView(R.layout.activity_main);

        dataDomeSDK = DataDomeSDK
                .with(getApplication(), "Client_Side_Key", BuildConfig.VERSION_NAME)
                .listener(DataDomeSDKListener);
    }
    [...]

    public void isClick(View v) {
        datadomeSDK.logEvent(102, "isClicked", MainActivity.class.getSimpleName())
    }
}

Use custom Accept header

By default, the DataDome SDK overrides the default Accept header for each API call to JSON.
Please follow the 2 steps below to change this behavior:

1 - Inside the Mobile app

Set the 4th parameter to true during Interceptor instantiation.

import android.app.Application;

class MainActivity extends AppCompatActivity {

    private DataDomeSDK.Builder dataDomeSDK;

    public void makeRequest(){

        OkHttpClient.Builder builder = new OkHttpClient.Builder();
        builder.addInterceptor(new DataDomeInterceptor(getApplication(), dataDomeSDKListener, "Client_Side_Key", BuildConfig.VERSION_NAME, true));
        OkHttpClient client = builder.build();
    }

    [...]
}

2 - DataDome Dashboard

Force the response format inside the mobile app endpoint settings to JSON.

952

Optional settings

Force a Captcha display

You can simulate a Captcha display using the framework by providing a user agent with the value BLOCKUA.
You can pass this value while building the instance of DataDomeSDK using the following API:

dataDomeSDK = DataDomeSDK
        .with(getApplication(), "Client_Side_Key", BuildConfig.VERSION_NAME)
        .listener(DataDomeSDKListener)
        .agent("BLOCKUA");

IMPORTANT NOTE
Make sure the BLOCKUA user agent is not used in production. Otherwise, the Captcha will appear at least once for each user.

Manual cookie handling

If your application has multiple HTTP client instances (example: okhttp and webview), you need to share the cookie between the instances.
To do that you can use the following 2 methods: setCookie(HEADER) and getCookie from dataDomeSDK Object:

if (DataDomeUtils.isValidCookie(header)) {
  dataDomeSDK.setCookie(header);
}

String dataDomeCookie = dataDomeSDK.getCookie();

The getCookie method returns only the value of the cookie. If for some reasons, you need the DataDome cookie with all its attributes, use getCookieWithAttributes

CookieJar handling

CookieJar manages HTTP cookies persistence.The CookieJar loadForRequest method handles the last value of saveFromResponse method which is not updated with the last DataDome cookie after resolving the captcha challenge. The override of this DataDome cookie lead to a failure of retried blocked requests.
In order to prevent this behavior, we implemented our DataDomeCookieJar to be included to the HTTP client, and it takes your customized CookieJar in parameter to take in account your cookies.

If you use CookieJar, please add this implementation to integration DataDomeCookieJar

// Integrating DataDomeCookieJar with your CookieJar instance as parameter
builder.cookieJar(dataDomeInterceptor.getDataDomeCookieJar(cookieJar))

This integration supports both custom CookieJar implementation and third party libraries.

Otherwise, if you are implementing the CookieJar interface and want to handle cookies with it, you would need to add explicitly the last DataDome cookie value by calling dataDomeSdk.getCookieWithAttributes() in CookieJar's loadForRequest cookies methods method which returns cookies for outgoing HTTP requests.

// Get the last DataDome cookie
String datadomeCookie = dataDomeSdkInstance.getCookieWithAttributes();
// Then add this datadomeCookie to the returned cookie list

Sample app

Below is a sample app demonstrating the implementation of DataDomeSDK in a basic Android application.