I am using Firebase Phone Auth for my app in both iOS and Android. When I receive OTP message I noticed there is a difference in the received messages on both iOS and Android.
The iOS OTP Message Reads xxxxxx is your verification code for myAppName.firebaseapp.com. (authorised domain name).
Whereas Android OTP Message Reads xxxxxx is your verification code.
In the firebase console under the Authentication section and under Templates tab selecting the SMS reveals a different template. %LOGIN_CODE% is your verification code for %APP_NAME%.
I need to show the OTP message as xxxxxx is your verification code for My App Name. in both iOS and Android.
I have changed the projects name and Public-facing name in project settings too. But no change in the messages.
Is this a Bug or am i missing something ?
I have files a bug report to the support team and got response from them. The mail response is as follows
"Is your app still in the development stage and hasn't yet in AppStore/ PlayStore? If so, this behavior of having no app name in the verification code is working as intended. It will only have an app name after your app has been published to the App/Play Store. If it's released Android / iOS app, then we do have the application name in the SMS, and we get it from the AppStore / PlayStore (and website domain for Web).
Just an additional information, there might be a delay for the APP_NAME to appear once the app is published. The update may be delayed because of the propagation between the AppStore/PlayStore update and our server picking up the changes."
As my app is in development stage i am not getting the app name in the OTP Messages. Once the Apps are published to the app store and play store this will be resolved.
firebaser here
There is no way for you to change the message that is sent for the OTP. See:
How to change the sms verification template in firebase phone auth
Is there a way to customize the sms message sent by Firebase phone Authentication in Swift?
If you consider the difference a bug, you can file a bug report.
In addition to #Kautham Krishna's answer, for iOS, it is necessary to add the App ID & Team ID to app settings in the firebase console.
Related
I have created a project in Firebase and registered my app. I send data messages to this app. I do not want to have any user authentication on my app. However, I do want that all my FCM data messages be handled only by my app. No other app be able to access my data messages.
So, my question is - How does Firebase ensure that the app which is registering with my project is the intended app?
If it is based on package name, then I can very well create a dummy app and name it exactly the way as the app I'm trying to spoof. Isn't this a big security flaw?
I can decompile the APK to get all the required config for the google-services.json. So, what stops someone from tricking my Firebase project into registering their app and getting access to all the data messages?
I created a dummy app and was able to reproduce the above. The dummy app successfully received the data message.
I do see something called App ID for my app in the Firebase project settings, but this isn't something I provided while setup. So, this is something Firebase generated. So, this wouldn't be a way to verify the app I assume.
How is that Google, in Firebase Console Notification composer, allows to set notification target to a specific app package name, yet I read there is no way to do it with API? How to send Firebase message to specific application in project?
Is there some hidden capability Google not exposing to devs?
I know about topics, but it takes extra work to set and subscribe to, plus they won't work right away and require some wait time.
The Notification Composer is an online tool hosted by Firebase.
Therefore it already knows the Server Key (required to send messages) associated to each of your projects.
By design (and for obvious security reasons), the Server Key is implicitely linked to a single app, and you can't use it to send a message to different apps.
I am using Google's Firebase to manage some of the back end aspects of my mobile application.
Mainly I am using it for authentication with email as well as sending push notifications.
Currently, I have around 10 users who have been registered for a push notification token.
My question is that, I want to send a notification to only 8 users. Is this possible, because I can't seem to find a location where I can select the users.
I tried disabling the users from the Authentication tab but that seems not to make it work as authenticated users and Push-registered users seem to be different.
You can target FCM messages:
To the iOS or Android app that is being used (through the Console only).
To an Analytics audience that the user of the app is part of (through the Console only).
To a topic the app instance is subscribed to (through the Console and the API).
To a group of devices, if you know their group ID (through the Console and the API).
To a specific device instance (i.e. a specific app on a specific phone) if you know their instance ID token (through the Console and the API).
There is no way in the Firebase console to select the users to send a message to. In fact: Firebase Cloud Messaging has no concept of a user, all it knows is the token that identifies the app that it's part of on the device that it's installed on.
I am working on an app and the Android version implements Firebase for Instance ID, Cloud Messaging and Analytics. Everything is working properly in regards to obtaining the instance id and FCM token.
I also built a server API for sending notifications and data payloads to Android devices and in order to use the same methods in the iOS version I decided to use Firebase for iOS for the same purposes (Instance ID, Cloud Messaging and Analytics).
Setting up Firebase on iOS is well documented and I was able to set the environment for everything to work properly. However, when I run the app I got the following error in the console (which means that the instance id and FCM token were not retrieved):
....
[Firebase/InstanceID][I-IID003009] Failed to fetch default token Error Domain=com.firebase.iid Code=0 "(null)"
[Firebase/InstanceID][I-IID003007] Failed to retrieve the default GCM token after 5 retries
Wait, I know there are other people complaining about the same issue here but this is a totally different case.
I thought that my setup was incorrect or missing something but I reviewed all the procedures and code and everything was 100% correct.
Where I am located (Damascus, Syria), some services are blocked by Google and can only be accessible via a proxy or a VPN. Therefore I setup a US proxy for both the device I am using for testing and the simulator and when I run the app everything works properly and I was able to get the instance id and the FCM token and log them in the console.
What is weird is that in the Firebase Console the analytics is showing the correct number of users even when the FCM token was not received which means that the communication with the Firebase service is not totally blocked. The only part which is not working (without a proxy) is fetching the FCM token.
My question is: Why this particular Firebase service is blocked in iOS and not in Android and can I do anything about it? Remember that I have no problem in getting the token in Android from the same location. Or is this a bug in Firebase and the service is not location bound?
I have no problem in connecting to Google APIs from my location for other purposes like Google Maps or getting information about an FCM token..etc. However, I noticed that the console is referring to iid.firebase.com instead of iid.googleapis.com.
Any help or suggestion in this regard will be appreciated because I want to make a decision whether I should keep trying to use Firebase in both platforms or if I should rely on Firebase for Android and the native APNs ways for iOS. Also, I want to know if my decision to implement Firebase was the correct one in the first place.
Thanks!
We have a system that generates android apps automatically. The users enter in our website and login in their accounts and the users make a description of wich functionalities want and our system automatically generates the signed android apk and publishes on market.
The apps are published on the market with our developer account, not with the user account.
Such users would need PUSH notifications, for example, through GCM, to their applications. Therefore, we need to know if there is any way to automate the process so that users only have to enter on our website their google accounts and the message they want to send their applications, and our system must automatically send the messages to the phones that uses the user applications.
You have to remember and highlight the following factors:
Applications are published in the market under our developer account.
Users who have created their apps through our system have their own google accounts (not developer accounts) and want to send their messages from their accounts of Google and to its applications only, not those of others users and not using our google developer account.
The whole process should be automatic and transparent to the user, since they should only provide these data, their google account, the message they want to send, and the app that must receive the message.
Would it be possible to do this by GCM?
There is a GCM API with which to communicate to perform all these steps automatically?
Thanks
I think you could, but the user must register in GoogleApis to have their own SENDER_ID, then you should make a webservice in which you associate each user to their SENDER_ID and provide them an interface that only send notificatios using their SENDER_ID, however you should have a strong enough server to achieve this since Big Data could be an issue because you must also store the device_ids associated with each of your clients application, also you would be getting registration and unregistration intents from each application installed.
I have used Both Server Side (Grails) & Client Side (Titanium) to send notifications to the android device. So, I will be explaining you both one by one. But before that you need to add ADT plugin in to your Grails framework.check out http://tinyurl.com/chfthpe