56

I am using Firebase Cloud Messaging (FCM) and as per the abreviated code below everytime a new Token is generated on the Customer Device... I send this new TOKEN to my SERVER DB (Cloud) where I save it in order to be able to send future Push Notification from the Server to the Device using the CFM API.

    //public class CFMInstanceIDService extends FirebaseInstanceIdService ...

    public void onTokenRefresh() {
        ...
        String cfmToken = FirebaseInstanceId.getInstance().getToken();        
        ...     
        sendRegistrationToServer(customerGuid, cfmToken);
    }

By doing this I have on the Server a list of ALL (multiples) Devices where a Customer is logged-in. (Tablet, Phone, iPhone, Android, etc)

Is there any way to verify/validate a Token at any time?

I would like to know/ensure that all the tokens that I have associated to a Customer belong to real Devices. I don't want to send Push Notifications to not-existing Tokens.

Zon
  • 18,610
  • 7
  • 91
  • 99
Geo305
  • 1,084
  • 2
  • 10
  • 16

6 Answers6

47

Here is an example curl request that shows how to validate a token without actually having to send a message:

curl -H "Content-Type: application/json" -H "Authorization: key=$FCM_API_KEY" https://fcm.googleapis.com/fcm/send -d '{"registration_ids":["$FCMTOKEN"]}'

Example invalid response:

{"multicast_id":7452350602151058088,"success":0,"failure":1,"canonical_ids":0,"results":[{"error":"InvalidRegistration"}]}

Example valid response:

{"multicast_id":9133870199216310277,"success":1,"failure":0,"canonical_ids":0,"results":[{"message_id":"0:1502817580237626%f590ddc2f9fd7ecd"}]}

I got this answer from google's firebase support team.

AngularNerd
  • 871
  • 7
  • 14
  • 7
    The answer as posted actually does send a message; at least it did to my iOS device. Including "dry_run": true in the request means no message is sent – Dave Nottage Apr 28 '18 at 06:11
  • 2
    How to get register token id in failure case? now, we can received the response such as error and message_id only. but i need register token id also. please response soon. – sameer Mar 13 '19 at 09:54
  • 3
    @sameer you will get the result info (dictionary of array) in the response. each dictionary item inside the array response represents the status of each device token in the bulk request (same order as you sent). if any of the dictionary holds error as "NotRegistered", you can get the corresponding token by matching the index and delete it from the database. – Shamsudheen TK Oct 29 '20 at 17:00
  • from where we can get $FCM_API_KEY – Mudaser Ali Mar 24 '22 at 12:36
  • https://stackoverflow.com/a/57297765/1731823 solve my problem – Mudaser Ali Mar 24 '22 at 12:41
24

Actually there is a workaround, you can use dry_run = true

This parameter, when set to true, allows developers to test a request without actually sending a message.

firebase docs

if user unsubscribe, you have a response with NotRegistered but real sending won't be performed

FDG
  • 720
  • 8
  • 12
  • 10
    Using curl: `curl -H "Content-Type: application/json" -H "Authorization: key=$FCM_API_KEY" https://fcm.googleapis.com/fcm/send -d '{"registration_ids":["$FCMTOKEN"], "dry_run": true}'` – Pabi Apr 05 '20 at 00:04
19

You can validate the FCM token by calling the

(GET) https://iid.googleapis.com/iid/info/YOUR_APP_TOKEN_HERE
[Header] => 'Authorization: key=YOUR_KEY'

Simple and easy.

If token is valid then it will return 200 status code with some more details in JSON format or if it's invalid then status code will be 400 with error detail in JSON format.

Saud Khan
  • 786
  • 9
  • 24
8

No such thing exists, the only information you can get from a token is app information and not wether it is valid or not

https://developers.google.com/instance-id/reference/server#get_information_about_app_instances

what you should be doing is watching for the response when you go to send push's out and if keys are not valid anymore the response will tell you what keys should be deleted withNotRegistered

https://firebase.google.com/docs/cloud-messaging/server

Alexander Farber
  • 21,519
  • 75
  • 241
  • 416
tyczj
  • 71,600
  • 54
  • 194
  • 296
  • 1
    When using the instance-id endpoint you can check for the info of a token and the response would indicate (not specifically) that the token is not valid, either because there is no info for the token or if the token is invalid format. – Arthur Thompson Jul 19 '16 at 18:00
2

There is no way to validate if a token is still valid prior to send the downstream message. What you need to do is to check the response after sending the message and then check if the response contains any error.

For example, if the server returns an 200 + error:NotRegistered http code, it means that an existing registration token may cease to be valid.

In the section "Downstream message error response codes of FGC", you will find documented every possible status response.

Víctor Albertos
  • 8,093
  • 5
  • 43
  • 71
0

If you have adminsdk crendeital, you can use this code:

func TestPushToken(t *testing.T) {
    ctx := context.Background()

    opt := option.WithCredentialsJSON([]byte(credential))
    app, err := firebase.NewApp(ctx, nil, opt)
    if err != nil {
        t.Error(err)
    }

    msg := &messaging.Message{
        Notification: &messaging.Notification{
            Title: "Hi",
            Body:  fmt.Sprintf("Welcome at %d", time.Now().Unix()),
        },
        Token: pushToken,
    }

    fcmClient, err := app.Messaging(ctx)
    run, err := fcmClient.SendDryRun(ctx, msg)
    if err != nil {
        t.Error(err)
    }
    fmt.Println(run)
}

If there are any error, that means pushToken is invalid. Or you will get the response like

/messages/fake_message_id
Tung Luong Thanh
  • 377
  • 6
  • 11