For applications that are deployed internally, either during production or testing, the system takes the following steps to establish trust.

  1. (Optional) Sign an APK file with the debug keystore of Android Studio.

    This step allows the system to whitelist the app while debugging.

  2. Upload the APK file to the AirWatch Console and assign an SDK profile to the application.

    You must assign an SDK profile to the application in the AirWatch Console.

  3. The AirWatch Console extracts the public signing key of the application.
  4. The AirWatch Console whitelists the signing key with the AirWatch Agent or the AirWatch Container.
  5. The application calls the AirWatch SDK.
  6. The AirWatch Agent or the AirWatch Container validates the signing key by comparing it to the one uploaded in the AirWatch Console.

Side-Load Newer Versions for Development

After an application downloads and installs through the AirWatch Agent, then you can side-load the newer development versions signed with the same key.