How to register a new Server key in the GCM after September 2016?
Yes, I understand that the registration of new keys in the GCM is prohibited.
Starting from September 2016, you can create new server keys only in
the Firebase Console using the Cloud Messaging tab of the Settings
panel. Existing projects that need to create a new server key can be
imported in the Firebase console without affecting their existing
configuration.
But our company policy does not allow the use of FCM.
Perhaps Google office can help?
There is no other way to generate a valid Server key to use for GCM or FCM, other than using the one auto-generated one when you create/migrate a Firebase Project in the Firebase Console.
As mentioned in the comments, using a Server Key retrieved from the Firebase Console can still be used by implementations for GCM. Using this technically doesn't mean that you're using FCM already.
Also mentioned in the comments, FCM is practically just GCM itself with new features. It is already strongly recommended that users of GCM migrate to using FCM already.
If you're still persistent on not using a Server Key from generating a Firebase Project, I suggest contacting GCM Support through this form, providing the details as to why you need to generate a new Server Key.
Related
I cant find legacy server key on cloud messaging in firebase as shown in the image.
From the Firebase release notes:
FCM no longer creates legacy server keys.
Existing legacy server keys will continue to work, but we recommend that you instead use the newer version of key labeled Server key in the Firebase console.
For more information, see Migrate legacy server keys.
I am currently setting up a Firebase Cloud Messaging project. When adding apps to this project some credentials are automatically generated by FCM, e.g. the Server key as well as Android and iOS client keys.
For Android, I can download and use the google-services.json file to setup the client, i.e. registering for an FCM token and receiving push messages. But how do I restrict this so only my app can receive these messages?
I thought it would be the (auto created) Android client API key, so to test I've put an incorrect package name and SHA fingerprint in restrictions for the key. No effect, can still receive messages.
I then tried removing the API key as well as oauth client info completely from the google-services.json file, to confirm that the device then would not be able to receive messages. No effect, can still receive messages. All client info seems to be completely ignored, except for the app id (and the general project info).
So, I am really wondering what prevents reverse engineering of an app to extract the app id and general project info, and then receiving push messages in an entirely different app? I don't understand why the Android client API key, etc. is included in the google-services.json file, or why they are even created, if it is not used.
All the information in google-services.json is essentially configuration data that your app uses to find the Firebase services on Google's servers. You should not rely on knowing it, or lack of knowing it, as a security mechanism.
Instead you should send your messages in a way that ensures they are delivered only to the targeted recipients. A large part of this is sending messages to specific FCM Instance ID tokens. Firebase's Instance ID tokens are unguessable. Initially this registration token is only known on the client-side device where it is generated, and that device determines who to share it with.
By ensuring your client-side code only shares the token with your own server-side code, which then use it to target FCM messages, you can create a completely safe delivery environment where you fully control who can receive each specific message.
On the other side of this are FCM topics, which are a simpler mechanism for delivering messages to groups of users. Since any client can subscribe to any topic that it knows the ID of, topics should be used for delivering messages that require less securely targeted delivery.
I've been in contact with Firebase Support over the past week to shed light on this. It seems there is an important difference between the now deprecated Google Cloud Messaging (GCM) and Firebase Cloud Messaging (FCM), and it is currently not well documented.
With GCM it was possible to use and restrict e.g. the Android client API key with a package name and a SHA fingerprint. This is no longer possible with FCM. The keys are auto created when you add apps to your project in the Firebase console, and included in the google-services.json file, and you can add the restrictions to these under Credentials in APIs & Services, but it will not have any effect.
Please also note that the SHA fingerprint you can add in the Firebase project is only for Firebase Invites or Firebase Dynamic Links.
Be careful and have this in mind when you decide what to use the messaging service for, or when you migrate from GCM to FCM.
There is a feature request for this at Firebase but they currently have no timeline. There also a request now for an update of their documentation regarding this issue.
My android app uses GCM and urbanairship for push notifications.
Now Google has deprecated GCM and is recommending to switch to FCM.
The problem is I don't have access to the Google account which was used to set up GCM as it was set up using one of the developers account who has left. So I can not migrate from GCM to FCM as told in the migration tutorials.
In this scenario, how can I switch to FCM using a different Google account keeping in mind that I use urbanairship?
I want to preserve the registration tokens, or get them replaced without asking customers to uninstall and reinstall the app.
Is it possible that the app registers itself with FCM when I roll down an update?
The problem is I don't have access to the Google account which was used to set up GCM as it was set up using one of the developers account who has left.
This is not an uncommon situation. What I would suggest is contacting Google Support about the GCM Project. It would be best for you to get access to current project, specially if you are the one managing/using it.
After getting access, you could then migrate it to Firebase as needed.
In this scenario, how can I switch to FCM using a different Google account keeping in mind that I use urbanairship?
You can't switch to a different account. However, you could modify your app to receive messages from a different project. I haven't used UrbanAirship before, but AFAIK, if they are using GCM underneath their service, then they too should be handling the FCM migration part.
Is it possible that the app registers itself with FCM when I roll down an update?
In order to register an app is for it to call getToken(). So technically, yes. But you would have to handle pairing/saving the token to it's corresponding user.
With all that said, I would strongly suggest you contact Google Support first.
Here is how I solved the problem:
1. Created a new Google FCM account.
2. Created a new project in Urbanairship console using keys from new Google FCM account.
3. Updated the backend code to send notifications twice - once for old urbanairship project and once for new project. Out of the two attempts, one will fail for sure and one will succeed for sure as customer will be using either of the two versions of the app.
4. Customers using old version of app will have registation tokens which are available with old urbanairship project. Customers using new version of app will have registation tokens which are available with new urbanairship project.
5. When customer updates the app, urbanairship takes care of registering the token with new FCM account server. I don't have to do anything here. This was not expected as token is updated upon fresh installation and not during updates.
So to summarize:
UA Project Old -> Google GCM -> Device with old app version
UA Project New -> Google FCM -> Device with new app version
Here is the FCM Urban Airship migration guide. Assuming you are able to recover your GCM account you only need to follow that guide with your existing sender ID. If you change accounts, you will have to configure the new FCM project API key in the Urban Airship dashboard. The SDK will automatically update all the channels with the new registration token. During the transition period, only devices that have updated will be able to receive push.
I'm following Google Cloud messaging tutorial, I'm not exactly understang phrase:
First, make sure your Server key (not the client API key in googleservices.json) is provided as the value of API_KEY in GcmSender.java.
So in order to run this sample, I need to write a server side? I thought that GcmSender.java already emulates server side of the application? Can someone clarify it?
As #MohanadMohie you should instead use FCM.
First, make sure your Server key (not the client API key in googleservices.json) is provided as the value of API_KEY in GcmSender.java
The GcmSender.java does emulate the function for sending a message. This only states that you should make sure that the API key you use is a valid Server Key.
And as per Server Keys go, there is already a note in the GCM docs saying:
Starting from Sept. 2016 new server key can only be created in the Firebase Console using the Cloud Messaging tab of the Settings panel. Existing projects that need to create a new server key can be imported in the Firebase console without affecting their existing configuration.
Plus, in FCM, you'll be able to make use of the Firebase Console to send push notifications.
I want to use push notification service on my Android project, but when I try to generate a server key, I notice that Google's developers console changed and I can't find where I can generate my server key. I looked at a lot of tutorials but still I can't do it.
Update: There is now a visible note in the GCM docs saying:
Starting from Sept. 2016 new server key can only be created in the Firebase Console using the Cloud Messaging tab of the Settings panel. Existing projects that need to create a new server key can be imported in the Firebase console without affecting their existing configuration.
Just retrieved a part of my answer here.
Go to your Google Developers Console
On the left-pane, click on Credentials
Under the Credentials Tab, Click on Create Credentials
Select API Key
Select Server Key
Fill out the details.
Click on Create
The Server Key should be available by then.
PS: Just tried it out, this still is a way to generate a Server Key.
please consider changing from google cloud messaging to firebase cloud messaging
google now recommend developers to use FCM instead of GCM
link here: https://firebase.google.com/features/