Start Notes :
When a mobile application starts with Firebase enabled, the first thing that happens is Firebase creates a Token ID for the device on that app.
This requires the device to connect to the Firebase server, and register the device with all the required data about the device.
Unfortunately this cannot happen if the device has blocked access to the Firebase server.
Searches :
As I know, there is a Firebase Admin API on the server side, that can be used to create functions and probably one of them is to create a custom Token ID and register the device using that ID.
However, searching Firebase Docs, only creating a Custom Auth ID appeared
Create Custom Tokens
But this Token ID is not for the device, it is for the user on the device (i.e, Firebase Authentication API).
Goal :
What I want to do, is handle the entire Token ID process from the server side, so that even a Firebase blocked device can be registered on Firebase.
Question :
What is the method of creating a Firebase Token ID on the server that also registers the device as a user with its data (Device Name, OS, etc)?
Is there such a process? Or does Firebase exclusively register the device from the client side?
Side Notes :
I believe it is possible, as some applications that obviously use Firebase Messaging are available for use even when Firebase's access is blocked.
Examples : Discord, Telegram.
The token ID is managed by the client device. The backend and admin SDK are not involved in this process. It's the responsibility of the client app to send this token to you backend, if you need to target the app for use with Cloud Messaging. If the app is temporarily unable to reach your backend, you will have to retry sending the token until it's able to reach the backend.
Related
How can I get the device type or operating system from an FCM registration token on my app server, or can I make a post request to my app server with the registration token and user_id?
Reason is, I want to programmatically be able to send messages only to certain usersegments like I can in the firebase console.
Information about the device cannot be extracted from the FCM instance ID token.
You will have to set up your own stream of the information from the client to your servers, where you can then combine it with the FCM token to target users. Not incidentally, this is what Firebase itself does too (through Google Analytics) and is what powers the targeting in the Firebase console.
I am coding a React Native app and I using Firebase push notification service.
In my app, users can send message for each other and I want to notify them when they get message.
I found one way for native android I can code for react native it is not problem just I want to know if there is better way. I can make post to directly to Firebase service with using Http post.
This is the link which way I found: https://blog.usejournal.com/send-device-to-device-push-notifications-without-server-side-code-238611c143
I want to push notification to specific device without server, is there another way to do this?
Sending a message to a device with Firebase Cloud Messaging requires that you specify the FCM server key. As its name implies, this key is supposed to only be used in trusted environments, as knowing it allows one to send any message they want to all users of the app. For this reason it is not possible to secure send messages directly from one device to another device with FCM.
Instead you will have to run code in a trusted environment, such as your development machine, a server you control, or Cloud Functions. Your client-side application code invokes the server-side code, that ensures the call is authorized, and then calls the FCM API.
For more on this see:
How to send one to one message using Firebase Messaging
How to send device to device messages using Firebase Cloud Messaging?
I haven't seen any examples of this, but I want to purely interact with Firebase through the backend, and not the frontend with Javascript.
I have auth tokens being minted on my Go backend when a new user is added and then these users are written into a mongo database.
What I want is to be able to get a messaging token for my users, and then add it to their user document in mongo, that'll be used to send messages through the backend.
The reasoning is that we don't want to have to communicate with Firebase on our frontend.
Is this even possible?
If you want to send a message directly to a device with Firebase Cloud Messaging, you will definitely need some information from the client. There is no avoiding following the setup instructions on the client. In particular, you will have to handle the registration token on the client and send it to your backend so it can send the messages.
The Firebase Authentication token will not be useful to you at all for sending messages. FCM doesn't send messages to users - it sends messages to devices (or topics). You will have to figure out for yourself which devices belong to which users.
If I share a user's Firebase device ID key (for a user who has my app installed) with other Firebase service providers, can they send messages from their account (using their authentication key) to a user who has my app installed?
Yes I do realize the process of sharing a user's Firebase device ID key could be problematic. The problem I am trying to solve is that I want multiple providers to be able to send messages to a user who has my app installed.
The Firebase Instance ID (also known as a registration token, or FCM token) identifies an installation of your app on a specific device.
Sending messages to such tokens in a project always requires an additional form "authentication.
The Firebase Cloud Messaging versioned REST API requires that the user has a service account. If you create a service account for each of your service providers, you grant them complete access to your Firebase project. So they can't only send FCM messages, they can also access every other Firebase product: e.g. delete your database, read all your users, etc.
The legacy REST API for Firebase Cloud Messaging instead uses a Server Key to authorize its callers. If you share your FCM server key with other service providers, they can only send FCM messages with that key. But they can send whatever messages they want to whatever user.
You might want to consider setting up your own API endpoint on Cloud Functions for Firebase. That way you can determine yourself how to secure that API, and what you allow your service providers to send to what users of your app.
Assuming that the Firebase Device ID Key you're referring to is the FCM Registration token, then having the value alone won't enable others to send a message to it without the corresponding Server Key it is associated with.
For your use-case of allowing multiple senders to a single app, you could refer to the official documentation on Receiving messages from multiple senders. I believe my answer here could also be helpful.
I am working on a project that might use Firebase only for messaging. The goal is for the following to happen:
App registers with Firebase on startup
App sends Firebase token to our server
Our server sends Firebase messages to all clients via the token from step 2
Note there is no step where the user will log into anything or enter any credentials. I am a little confused if this is possible in a production app, as most Firebase documentation talks extensively about different ways to authenticate, either via username/password, OAuth, etc.
The server will be sending different messages to different clients, but that logic will be handled by the server and not by different types of registration to Firebase. I know Firebase supports groups, but to make a long story short it probably won't be leveraged.
Can all this be done on Firebase? Is GCM a better match for these requirements? I feel like we would be throwing away 95% of Firebase and just trying to force it to simplify the messaging part.
Firebase Authentication does not at all affect the way that Firebase Cloud Messaging works. FCM only cares about the token for the app on the device as a means to target the app for messages. It doesn't care at all if the end user is authenticated by any means. If you want to associate a token to a user somehow, using Firebase Authentication or some other system, that's up to you.
FCM is an evolution of GCM. They are powered by essentially the same components. Using GCM doesn't give you any additional constraints or flexibility than FCM, except for the path to integration in your app.