1

Two years ago (June 2014), I created an Android API key for GCM Push Notification for my Android application. From the last two days, GCM server returns Unauthorized (401) response in PHP.

I searched regarding why GCM server returns 401 to PHP, it mentioned that API key is invalid. Why is the Android API key invalid? If I create a Server key for another application, it works fine.

Is there any validity(lifetime) for Android API key? Which key is the best for GCM push notification? Is it Server, Android, iOS or Browser API key? And do those keys have validity period or not?

Please give the proper details and explanation about those four API keys also their lifetime. Or is Android key deprecated?

AL.
  • 36,815
  • 10
  • 142
  • 281
marimuthukumar
  • 11
  • 2

2 Answers2

0

I have same problem. You need to create a "Server Key" replace "Android Key".

Visit Google APIs Console => Create credentials => API Key => Server key

JDP
  • 1
  • 1
0

Is there any validity/expiration of an API key?

From the answer in this SO question. It is clearly stated here, that API key doesn't have expiration.

For details and explaination about the four(server,androi,ios,browser) keys.

  • SERVER KEY - Create and use a Server key if your application runs on a server. Do not use this key outside of your server code. For example, do not embed it in a web page. To prevent quota theft, restrict your key so that requests are only allowed from your servers' source IP addresses.

  • BROWSER KEY - Create and use a Browser key if your application runs on a client, such as a web browser. To prevent your key from being used on unauthorized sites, only allow referrals from domains you administer.

  • IOS KEY - Create and use an iOS key if your application runs on iOS devices. Google verifies that each request originates from an iOS application that matches one of the bundle identifiers you specify. An app's .plist file contains its bundle identifier. Example: com.example.MyApp

  • ANDROID KEY - Create and use an Android key if your application runs on Android devices. To do so, you need to specify the SHA1 fingerprints and package names of the application using that key.

For more information check this page.

Which key is best for GCM push notification?

I found many tutorials and SO questions that you need to use SERVER KEY in using GCM push notifications.

sources

Community
  • 1
  • 1
KENdi
  • 7,576
  • 2
  • 16
  • 31