Is there any API (Python, JS, ...) that can be used to generate and retrieve the Firebase cloud messaging server token?
The end goal should be the same as clicking the Add server key button in the project settings.
There is no way to generate that key outside of the Firebase console.
Maybe have a look at the FCM HTTP v1 API which uses an OAuth based security model where the short lived tokens can be generated server side.
Related
So i'm making an app using React JS, Cordova, node backend and a mongo database. I want to integrate firebase cloud messaging (FCM) into my platform. I'm quite new to firebase, and developing in general, and i'm not quite sure where to initialise firebase. I currently have it integrated into the front-end and it's requesting permission to receive notifications, generating tokens, and receiving messages from the firebase console. However i'm not entirely sure where to go from here. Do I add it to my backend as-well?
If you can receive messages in your client app, your front-end work is done for the moment.
But to send messages programmatically, you will need to write back-end code indeed. That's because sending messages through FCM requires that you specify the FCM server key to the API, and as its name implies that key should only be used in a trusted environment, such as your development machine, a server you control, or Cloud Functions.
For more on this, have a look at:
The architectural overview of FCM
The documentation on your server and FCM
My answer to How to send one to one message using Firebase Messaging
You have to get the FCM token from the frontend (or, client app).
After getting the token, just send it to your backend server using a POST method.
Then, store the token in whatever database you're using in your backend. It can be MongoDB, PostgreSQL, etc.
I need to handle social activity events in my web app application developed using Vue JS framework and Firebase.
I want to show to the user “Facebook like” notifications when some activity happen in the application, for example:
“John liked your post”.
Is Firebase Cloud Messaging useful for this scenario? Or do I have to develop some custom solution from scratch?
If Firebase Cloud Messaging do the job, is it possible to send messages directly from user web client?
You should not try to send messages directly from the web client. FCM is intended to be used via a secure backend where your code runs to send messages. The reason a backend is needed is to prevent your private server key from being exposed to the world, which can cause security issues in your app.
You will have to arrange on your backend to determine when events occur that should generate messages, and use the Firebase Admin SDK to send those message, or work with the REST API directly.
Is the new server key restricted to messaging only?
explanation:
In firebase project settings, I can get "old" and new server keys(cloud messaging tab).
The old ones don't work to send push notifications via https://fcm.googleapis.com/fcm/send because the response says that it is a legacy server key. But it can be restricted to certain google apis here https://console.developers.google.com/apis.
The new is not listed in google apis console, but works.
We want to share the server key with partners, but won't allow to do other stuff. The new HTTP API V1 with OAuth2 is not an option unfortunately.
According to docs:
Server key (for legacy protocols): A server key that authorizes your app server for access to Google services, including sending messages via the Firebase Cloud Messaging legacy protocols.
Which services are here meant?
Got response from Google: Yes, the new server key is restricted to cloud messaging only.
I am running a Vapor server and I want to call FCM (Firebase Cloud Messaging) API in order to send notifications to my IOS app.
In Firebase console we are presented with two keys Server key and Legacy key.
Reading firebase cloud-messaging/send-message docs I have learnt that I have to send a HTTP POST request to https://fcm.googleapis.com/v1 with an access token .
Reading further under Authorize Send Requests I see there are different libraries (node.js, python) that enable one to generate an access token, but I think I will need to do that using REST since there is no library for SWIFT on server.
I can't find any library for swift to mint an OAUTH2.0 token using a service account and I was wondering if there is anyone who could show me how to mint the token using REST in Swift.
In Firebase console under Project Settings/General beneath the Project ID field there is a Web API key :
Where is this used? I know that the Server key found under Project Settings/Cloud Messaging is used as Authorization key to make calls to the firebase console:
I have also noticed that in google-services.json ther is an "api_key" property that has a "current_key" value which is different from both keys that I have mentioned. What is that key?
From my answer here:
current key - nothing is explicitly stated anywhere in the docs where it is used, however, among the 3 services where the google-services.json was originally used for before Firebase (Google Sign-in, Analytics, GCM), I'm guessing it would be between Google Sign-in and Analytics. As also mentioned by #DiegoGiorgini here:
The api_key value in google-services.json is not used by FCM. (it is used by other Firebase libraries)
So it can be for a separate Google non-Firebase or Firebase service.
Web API Key - this one I haven't had a chance to use before. However, I've seen other posts wherein this specific API key is used often on Web apps related to Firebase (possibly also for Auth purposes?), but I'm not entirely sure.
Server Key - as per the docs:
A server key that authorizes your app server for access to Google services, including sending messages via Firebase Cloud Messaging.
current_key (as per the docs) is the Android key auto-created by Firebase when creating a Firebase Android App. It's NOT used to control access to backend resources. Instead, it's used to identify your Firebase project when interacting with Firebase/Google services. Specifically, it's used to associate API requests with your project for quota and billing.
Web API Key (as per the docs): can be used to authenticate users by passing its value to the key query parameter in several API endpoints, e.g., sign up or sign in using email & password, generate refresh token, etc.
Server Key (as per the docs): is a server key that authorizes your app server for access to Google services, including sending messages via the Firebase Cloud Messaging legacy protocols.