If you find any errors, typos or have general feedback, select the text and click CTRL+ALT+ENTER.


In this tutorial you will learn how to import and use the MetaCert Security API plug-in to block malicious links and NSFW content.

Most mobile malware is downloaded when end-users click on malicious links inside legitimate apps. The MetaCert Security API adds a thin, but very powerful layer of security to your app.

The API allows you to check the reputation of web links in real time, providing an invisibly secure experience. It can be used to block phishing sites from loading or navigating to. You can also stop end-users from sharing links that are NSFW. The plugin provides an example app using MetaCert Security API.

Before you begin

Tutorial level: intermediate.

Before using the MetaCert Security API you will need to sign up for an account. MetaCert offer 150 free calls every month with no need to sign a contract: https://metacert.com/signup/. Once you have an account you will get an API key to use.

Once you sign up, you will see your API key to use in this plug-in:


Watch a video that shows how to import and use the plug-in.

Create a new app

To start, you are going to create a new app.

  1. Click “Create new app.” For app name enter MetaCertApp and click “Create“. 
  2. When the app builder loads, you will see the Start page. Every new app has a default page. You can open the page by going to Pages > startScreen.

Next you are going to import the MetaCert Security API plug-in.

Import the plug-in

  1. To import the plug-in, click Create New > From Plug-in:
  2. Check the box for MetaCert Security API:
    Screen Shot 2015-04-14 at 1.37.37 PM
  3. Click “Import selected plug-ins.” 
  4. On the next screen, select securitycheck as the start page for the app. Click “Apply settings.”
    Screen Shot 2015-04-21 at 12.28.55 PM
  5. Once the plug-in is imported, you just need to set the MetaCert API key. Open Services > MetaCert_securityCheck.
    Screen Shot 2015-04-21 at 3.44.15 PM

    • You will find the securitycheck page under Pages folder and MetaCert_securityCheck service in Services folder.
    • The startScreen page is the default page in a new app you created
  6. Open the Request tab.
  7. For apikey select Headers and set your MetaCert API key. Remember to get an API key here.
    Screen Shot 2015-04-21 at 3.48.00 PM

That’s it. Let’s now test the app.

Running the app

That’s all you need to do. You can now run the app by clicking the “Test” button.

The app just has one page that fully demonstrates using MetaCert Security API:

Enter any URL and the MetaCert API will instantly validate the URL. For example, entering a URL such as: http://imgur.com/r/sex/sexy.html, the domain is labeled as image sharing while the URL is classified as XXX because it was found in a folder that was classified as XXX – thereby demonstrating the unique method of classifying content.

You can add MetaCert Security API to any app to ensure no XXX or NSFW links are not shared using your app.

Example URLs to try

  • Type http://imgur.com/r/sex/sexy.html to verify a URI labeled as NSFW.
  • Type http://example.org/malicious/attack.html to verify a domain labeled as malware & phishing

For more information, please visit the MetaCert documentation.

What’s next?

Once you built  your app, you can quickly publish the app as a mobile web app or, just as quickly, package the app for iOS or Android.