Every Add-on must have a valid API key - a hash string based on the Add-on’s package name, API key level (explained later), and APK signature. At browser load time, the API key is used by the Dolphin browser to verify that the Add-on was created by the same developer who applied for the API key, and that the Add-on has not been modified by malitious user.
Because it is created from a unique combination of factors, an API key only works with one package – every separate Add-on you create will require its own API key. Developers can apply for API keys on the Dolphin developer website at here.
Before the Dolphin browser starts the Add-on service, it first authenticates the APK using the API key. The key must match the Add-on’s package name and APK signature. Once this has been verified, Dolphin launches the Add-on service.
A developer’s version of the Dolphin browser is available that does not check the API key before loading the Add-on. This is useful while developing and debugging an Add-on. Download it here.