1<html><body> 2<style> 3 4body, h1, h2, h3, div, span, p, pre, a { 5 margin: 0; 6 padding: 0; 7 border: 0; 8 font-weight: inherit; 9 font-style: inherit; 10 font-size: 100%; 11 font-family: inherit; 12 vertical-align: baseline; 13} 14 15body { 16 font-size: 13px; 17 padding: 1em; 18} 19 20h1 { 21 font-size: 26px; 22 margin-bottom: 1em; 23} 24 25h2 { 26 font-size: 24px; 27 margin-bottom: 1em; 28} 29 30h3 { 31 font-size: 20px; 32 margin-bottom: 1em; 33 margin-top: 1em; 34} 35 36pre, code { 37 line-height: 1.5; 38 font-family: Monaco, 'DejaVu Sans Mono', 'Bitstream Vera Sans Mono', 'Lucida Console', monospace; 39} 40 41pre { 42 margin-top: 0.5em; 43} 44 45h1, h2, h3, p { 46 font-family: Arial, sans serif; 47} 48 49h1, h2, h3 { 50 border-bottom: solid #CCC 1px; 51} 52 53.toc_element { 54 margin-top: 0.5em; 55} 56 57.firstline { 58 margin-left: 2 em; 59} 60 61.method { 62 margin-top: 1em; 63 border: solid 1px #CCC; 64 padding: 1em; 65 background: #EEE; 66} 67 68.details { 69 font-weight: bold; 70 font-size: 14px; 71} 72 73</style> 74 75<h1><a href="firebaseappcheck_v1beta.html">Firebase App Check API</a> . <a href="firebaseappcheck_v1beta.projects.html">projects</a> . <a href="firebaseappcheck_v1beta.projects.apps.html">apps</a></h1> 76<h2>Instance Methods</h2> 77<p class="toc_element"> 78 <code><a href="firebaseappcheck_v1beta.projects.apps.appAttestConfig.html">appAttestConfig()</a></code> 79</p> 80<p class="firstline">Returns the appAttestConfig Resource.</p> 81 82<p class="toc_element"> 83 <code><a href="firebaseappcheck_v1beta.projects.apps.debugTokens.html">debugTokens()</a></code> 84</p> 85<p class="firstline">Returns the debugTokens Resource.</p> 86 87<p class="toc_element"> 88 <code><a href="firebaseappcheck_v1beta.projects.apps.deviceCheckConfig.html">deviceCheckConfig()</a></code> 89</p> 90<p class="firstline">Returns the deviceCheckConfig Resource.</p> 91 92<p class="toc_element"> 93 <code><a href="firebaseappcheck_v1beta.projects.apps.recaptchaConfig.html">recaptchaConfig()</a></code> 94</p> 95<p class="firstline">Returns the recaptchaConfig Resource.</p> 96 97<p class="toc_element"> 98 <code><a href="firebaseappcheck_v1beta.projects.apps.recaptchaEnterpriseConfig.html">recaptchaEnterpriseConfig()</a></code> 99</p> 100<p class="firstline">Returns the recaptchaEnterpriseConfig Resource.</p> 101 102<p class="toc_element"> 103 <code><a href="firebaseappcheck_v1beta.projects.apps.safetyNetConfig.html">safetyNetConfig()</a></code> 104</p> 105<p class="firstline">Returns the safetyNetConfig Resource.</p> 106 107<p class="toc_element"> 108 <code><a href="#close">close()</a></code></p> 109<p class="firstline">Close httplib2 connections.</p> 110<p class="toc_element"> 111 <code><a href="#exchangeAppAttestAssertion">exchangeAppAttestAssertion(app, body=None, x__xgafv=None)</a></code></p> 112<p class="firstline">Accepts an App Attest assertion and an artifact previously obtained from ExchangeAppAttestAttestation and verifies those with Apple. If valid, returns an App Check token encapsulated in an AttestationTokenResponse.</p> 113<p class="toc_element"> 114 <code><a href="#exchangeAppAttestAttestation">exchangeAppAttestAttestation(app, body=None, x__xgafv=None)</a></code></p> 115<p class="firstline">Accepts an App Attest CBOR attestation and verifies it with Apple using the developer's preconfigured team and bundle IDs. If valid, returns an attestation artifact that can later be exchanged for an AttestationTokenResponse using ExchangeAppAttestAssertion. For convenience and performance, this method's response object will also contain an App Check token encapsulated in an AttestationTokenResponse (if the verification is successful).</p> 116<p class="toc_element"> 117 <code><a href="#exchangeCustomToken">exchangeCustomToken(app, body=None, x__xgafv=None)</a></code></p> 118<p class="firstline">Validates a custom token signed using your project's Admin SDK service account credentials. If valid, returns an App Check token encapsulated in an AttestationTokenResponse.</p> 119<p class="toc_element"> 120 <code><a href="#exchangeDebugToken">exchangeDebugToken(app, body=None, x__xgafv=None)</a></code></p> 121<p class="firstline">Validates a debug token secret that you have previously created using CreateDebugToken. If valid, returns an App Check token encapsulated in an AttestationTokenResponse. Note that a restrictive quota is enforced on this method to prevent accidental exposure of the app to abuse.</p> 122<p class="toc_element"> 123 <code><a href="#exchangeDeviceCheckToken">exchangeDeviceCheckToken(app, body=None, x__xgafv=None)</a></code></p> 124<p class="firstline">Accepts a [`device_token`](https://developer.apple.com/documentation/devicecheck/dcdevice) issued by DeviceCheck, and attempts to validate it with Apple. If valid, returns an App Check token encapsulated in an AttestationTokenResponse.</p> 125<p class="toc_element"> 126 <code><a href="#exchangeRecaptchaEnterpriseToken">exchangeRecaptchaEnterpriseToken(app, body=None, x__xgafv=None)</a></code></p> 127<p class="firstline">Validates a [reCAPTCHA Enterprise response token](https://cloud.google.com/recaptcha-enterprise/docs/create-assessment#retrieve_token). If valid, returns an App Check token encapsulated in an AttestationTokenResponse.</p> 128<p class="toc_element"> 129 <code><a href="#exchangeRecaptchaToken">exchangeRecaptchaToken(app, body=None, x__xgafv=None)</a></code></p> 130<p class="firstline">Validates a [reCAPTCHA v3 response token](https://developers.google.com/recaptcha/docs/v3). If valid, returns an App Check token encapsulated in an AttestationTokenResponse.</p> 131<p class="toc_element"> 132 <code><a href="#exchangeSafetyNetToken">exchangeSafetyNetToken(app, body=None, x__xgafv=None)</a></code></p> 133<p class="firstline">Validates a [SafetyNet token](https://developer.android.com/training/safetynet/attestation#request-attestation-step). If valid, returns an App Check token encapsulated in an AttestationTokenResponse.</p> 134<p class="toc_element"> 135 <code><a href="#generateAppAttestChallenge">generateAppAttestChallenge(app, body=None, x__xgafv=None)</a></code></p> 136<p class="firstline">Generates a challenge that protects the integrity of an immediately following call to ExchangeAppAttestAttestation or ExchangeAppAttestAssertion. A challenge should not be reused for multiple calls.</p> 137<h3>Method Details</h3> 138<div class="method"> 139 <code class="details" id="close">close()</code> 140 <pre>Close httplib2 connections.</pre> 141</div> 142 143<div class="method"> 144 <code class="details" id="exchangeAppAttestAssertion">exchangeAppAttestAssertion(app, body=None, x__xgafv=None)</code> 145 <pre>Accepts an App Attest assertion and an artifact previously obtained from ExchangeAppAttestAttestation and verifies those with Apple. If valid, returns an App Check token encapsulated in an AttestationTokenResponse. 146 147Args: 148 app: string, Required. The relative resource name of the iOS app, in the format: ``` projects/{project_number}/apps/{app_id} ``` If necessary, the `project_number` element can be replaced with the project ID of the Firebase project. Learn more about using project identifiers in Google's [AIP 2510](https://google.aip.dev/cloud/2510) standard. (required) 149 body: object, The request body. 150 The object takes the form of: 151 152{ # Request message for the ExchangeAppAttestAssertion method. 153 "artifact": "A String", # Required. The artifact returned by a previous call to ExchangeAppAttestAttestation. 154 "assertion": "A String", # Required. The CBOR-encoded assertion returned by the client-side App Attest API. 155 "challenge": "A String", # Required. A one-time challenge returned by an immediately prior call to GenerateAppAttestChallenge. 156} 157 158 x__xgafv: string, V1 error format. 159 Allowed values 160 1 - v1 error format 161 2 - v2 error format 162 163Returns: 164 An object of the form: 165 166 { # Encapsulates an *App Check token*, which are used to access Firebase services protected by App Check. 167 "attestationToken": "A String", # An App Check token. App Check tokens are signed [JWTs](https://tools.ietf.org/html/rfc7519) containing claims that identify the attested app and Firebase project. This token is used to access Firebase services protected by App Check. 168 "ttl": "A String", # The duration from the time this token is minted until its expiration. This field is intended to ease client-side token management, since the client may have clock skew, but is still able to accurately measure a duration. 169}</pre> 170</div> 171 172<div class="method"> 173 <code class="details" id="exchangeAppAttestAttestation">exchangeAppAttestAttestation(app, body=None, x__xgafv=None)</code> 174 <pre>Accepts an App Attest CBOR attestation and verifies it with Apple using the developer's preconfigured team and bundle IDs. If valid, returns an attestation artifact that can later be exchanged for an AttestationTokenResponse using ExchangeAppAttestAssertion. For convenience and performance, this method's response object will also contain an App Check token encapsulated in an AttestationTokenResponse (if the verification is successful). 175 176Args: 177 app: string, Required. The relative resource name of the iOS app, in the format: ``` projects/{project_number}/apps/{app_id} ``` If necessary, the `project_number` element can be replaced with the project ID of the Firebase project. Learn more about using project identifiers in Google's [AIP 2510](https://google.aip.dev/cloud/2510) standard. (required) 178 body: object, The request body. 179 The object takes the form of: 180 181{ # Request message for the ExchangeAppAttestAttestation method. 182 "attestationStatement": "A String", # Required. The App Attest statement returned by the client-side App Attest API. This is a base64url encoded CBOR object in the JSON response. 183 "challenge": "A String", # Required. A one-time challenge returned by an immediately prior call to GenerateAppAttestChallenge. 184 "keyId": "A String", # Required. The key ID generated by App Attest for the client app. 185} 186 187 x__xgafv: string, V1 error format. 188 Allowed values 189 1 - v1 error format 190 2 - v2 error format 191 192Returns: 193 An object of the form: 194 195 { # Response message for the ExchangeAppAttestAttestation method. 196 "artifact": "A String", # An artifact that can be used in future calls to ExchangeAppAttestAssertion. 197 "attestationToken": { # Encapsulates an *App Check token*, which are used to access Firebase services protected by App Check. # Encapsulates an App Check token. 198 "attestationToken": "A String", # An App Check token. App Check tokens are signed [JWTs](https://tools.ietf.org/html/rfc7519) containing claims that identify the attested app and Firebase project. This token is used to access Firebase services protected by App Check. 199 "ttl": "A String", # The duration from the time this token is minted until its expiration. This field is intended to ease client-side token management, since the client may have clock skew, but is still able to accurately measure a duration. 200 }, 201}</pre> 202</div> 203 204<div class="method"> 205 <code class="details" id="exchangeCustomToken">exchangeCustomToken(app, body=None, x__xgafv=None)</code> 206 <pre>Validates a custom token signed using your project's Admin SDK service account credentials. If valid, returns an App Check token encapsulated in an AttestationTokenResponse. 207 208Args: 209 app: string, Required. The relative resource name of the app, in the format: ``` projects/{project_number}/apps/{app_id} ``` If necessary, the `project_number` element can be replaced with the project ID of the Firebase project. Learn more about using project identifiers in Google's [AIP 2510](https://google.aip.dev/cloud/2510) standard. (required) 210 body: object, The request body. 211 The object takes the form of: 212 213{ # Request message for the ExchangeCustomToken method. 214 "customToken": "A String", # Required. A custom token signed using your project's Admin SDK service account credentials. 215} 216 217 x__xgafv: string, V1 error format. 218 Allowed values 219 1 - v1 error format 220 2 - v2 error format 221 222Returns: 223 An object of the form: 224 225 { # Encapsulates an *App Check token*, which are used to access Firebase services protected by App Check. 226 "attestationToken": "A String", # An App Check token. App Check tokens are signed [JWTs](https://tools.ietf.org/html/rfc7519) containing claims that identify the attested app and Firebase project. This token is used to access Firebase services protected by App Check. 227 "ttl": "A String", # The duration from the time this token is minted until its expiration. This field is intended to ease client-side token management, since the client may have clock skew, but is still able to accurately measure a duration. 228}</pre> 229</div> 230 231<div class="method"> 232 <code class="details" id="exchangeDebugToken">exchangeDebugToken(app, body=None, x__xgafv=None)</code> 233 <pre>Validates a debug token secret that you have previously created using CreateDebugToken. If valid, returns an App Check token encapsulated in an AttestationTokenResponse. Note that a restrictive quota is enforced on this method to prevent accidental exposure of the app to abuse. 234 235Args: 236 app: string, Required. The relative resource name of the app, in the format: ``` projects/{project_number}/apps/{app_id} ``` If necessary, the `project_number` element can be replaced with the project ID of the Firebase project. Learn more about using project identifiers in Google's [AIP 2510](https://google.aip.dev/cloud/2510) standard. (required) 237 body: object, The request body. 238 The object takes the form of: 239 240{ # Request message for the ExchangeDebugToken method. 241 "debugToken": "A String", # Required. A debug token secret. This string must match a debug token secret previously created using CreateDebugToken. 242} 243 244 x__xgafv: string, V1 error format. 245 Allowed values 246 1 - v1 error format 247 2 - v2 error format 248 249Returns: 250 An object of the form: 251 252 { # Encapsulates an *App Check token*, which are used to access Firebase services protected by App Check. 253 "attestationToken": "A String", # An App Check token. App Check tokens are signed [JWTs](https://tools.ietf.org/html/rfc7519) containing claims that identify the attested app and Firebase project. This token is used to access Firebase services protected by App Check. 254 "ttl": "A String", # The duration from the time this token is minted until its expiration. This field is intended to ease client-side token management, since the client may have clock skew, but is still able to accurately measure a duration. 255}</pre> 256</div> 257 258<div class="method"> 259 <code class="details" id="exchangeDeviceCheckToken">exchangeDeviceCheckToken(app, body=None, x__xgafv=None)</code> 260 <pre>Accepts a [`device_token`](https://developer.apple.com/documentation/devicecheck/dcdevice) issued by DeviceCheck, and attempts to validate it with Apple. If valid, returns an App Check token encapsulated in an AttestationTokenResponse. 261 262Args: 263 app: string, Required. The relative resource name of the iOS app, in the format: ``` projects/{project_number}/apps/{app_id} ``` If necessary, the `project_number` element can be replaced with the project ID of the Firebase project. Learn more about using project identifiers in Google's [AIP 2510](https://google.aip.dev/cloud/2510) standard. (required) 264 body: object, The request body. 265 The object takes the form of: 266 267{ # Request message for the ExchangeDeviceCheckToken method. 268 "deviceToken": "A String", # Required. The `device_token` as returned by Apple's client-side [DeviceCheck API](https://developer.apple.com/documentation/devicecheck/dcdevice). This is the base64 encoded `Data` (Swift) or `NSData` (ObjC) object. 269} 270 271 x__xgafv: string, V1 error format. 272 Allowed values 273 1 - v1 error format 274 2 - v2 error format 275 276Returns: 277 An object of the form: 278 279 { # Encapsulates an *App Check token*, which are used to access Firebase services protected by App Check. 280 "attestationToken": "A String", # An App Check token. App Check tokens are signed [JWTs](https://tools.ietf.org/html/rfc7519) containing claims that identify the attested app and Firebase project. This token is used to access Firebase services protected by App Check. 281 "ttl": "A String", # The duration from the time this token is minted until its expiration. This field is intended to ease client-side token management, since the client may have clock skew, but is still able to accurately measure a duration. 282}</pre> 283</div> 284 285<div class="method"> 286 <code class="details" id="exchangeRecaptchaEnterpriseToken">exchangeRecaptchaEnterpriseToken(app, body=None, x__xgafv=None)</code> 287 <pre>Validates a [reCAPTCHA Enterprise response token](https://cloud.google.com/recaptcha-enterprise/docs/create-assessment#retrieve_token). If valid, returns an App Check token encapsulated in an AttestationTokenResponse. 288 289Args: 290 app: string, Required. The relative resource name of the web app, in the format: ``` projects/{project_number}/apps/{app_id} ``` If necessary, the `project_number` element can be replaced with the project ID of the Firebase project. Learn more about using project identifiers in Google's [AIP 2510](https://google.aip.dev/cloud/2510) standard. (required) 291 body: object, The request body. 292 The object takes the form of: 293 294{ # Request message for the ExchangeRecaptchaEnterpriseToken method. 295 "recaptchaEnterpriseToken": "A String", # Required. The reCAPTCHA token as returned by the [reCAPTCHA Enterprise JavaScript API](https://cloud.google.com/recaptcha-enterprise/docs/instrument-web-pages). 296} 297 298 x__xgafv: string, V1 error format. 299 Allowed values 300 1 - v1 error format 301 2 - v2 error format 302 303Returns: 304 An object of the form: 305 306 { # Encapsulates an *App Check token*, which are used to access Firebase services protected by App Check. 307 "attestationToken": "A String", # An App Check token. App Check tokens are signed [JWTs](https://tools.ietf.org/html/rfc7519) containing claims that identify the attested app and Firebase project. This token is used to access Firebase services protected by App Check. 308 "ttl": "A String", # The duration from the time this token is minted until its expiration. This field is intended to ease client-side token management, since the client may have clock skew, but is still able to accurately measure a duration. 309}</pre> 310</div> 311 312<div class="method"> 313 <code class="details" id="exchangeRecaptchaToken">exchangeRecaptchaToken(app, body=None, x__xgafv=None)</code> 314 <pre>Validates a [reCAPTCHA v3 response token](https://developers.google.com/recaptcha/docs/v3). If valid, returns an App Check token encapsulated in an AttestationTokenResponse. 315 316Args: 317 app: string, Required. The relative resource name of the web app, in the format: ``` projects/{project_number}/apps/{app_id} ``` If necessary, the `project_number` element can be replaced with the project ID of the Firebase project. Learn more about using project identifiers in Google's [AIP 2510](https://google.aip.dev/cloud/2510) standard. (required) 318 body: object, The request body. 319 The object takes the form of: 320 321{ # Request message for the ExchangeRecaptchaToken method. 322 "recaptchaToken": "A String", # Required. The reCAPTCHA token as returned by the [reCAPTCHA v3 JavaScript API](https://developers.google.com/recaptcha/docs/v3). 323} 324 325 x__xgafv: string, V1 error format. 326 Allowed values 327 1 - v1 error format 328 2 - v2 error format 329 330Returns: 331 An object of the form: 332 333 { # Encapsulates an *App Check token*, which are used to access Firebase services protected by App Check. 334 "attestationToken": "A String", # An App Check token. App Check tokens are signed [JWTs](https://tools.ietf.org/html/rfc7519) containing claims that identify the attested app and Firebase project. This token is used to access Firebase services protected by App Check. 335 "ttl": "A String", # The duration from the time this token is minted until its expiration. This field is intended to ease client-side token management, since the client may have clock skew, but is still able to accurately measure a duration. 336}</pre> 337</div> 338 339<div class="method"> 340 <code class="details" id="exchangeSafetyNetToken">exchangeSafetyNetToken(app, body=None, x__xgafv=None)</code> 341 <pre>Validates a [SafetyNet token](https://developer.android.com/training/safetynet/attestation#request-attestation-step). If valid, returns an App Check token encapsulated in an AttestationTokenResponse. 342 343Args: 344 app: string, Required. The relative resource name of the Android app, in the format: ``` projects/{project_number}/apps/{app_id} ``` If necessary, the `project_number` element can be replaced with the project ID of the Firebase project. Learn more about using project identifiers in Google's [AIP 2510](https://google.aip.dev/cloud/2510) standard. (required) 345 body: object, The request body. 346 The object takes the form of: 347 348{ # Request message for the ExchangeSafetyNetToken method. 349 "safetyNetToken": "A String", # Required. The [SafetyNet attestation response](https://developer.android.com/training/safetynet/attestation#request-attestation-step) issued to your app. 350} 351 352 x__xgafv: string, V1 error format. 353 Allowed values 354 1 - v1 error format 355 2 - v2 error format 356 357Returns: 358 An object of the form: 359 360 { # Encapsulates an *App Check token*, which are used to access Firebase services protected by App Check. 361 "attestationToken": "A String", # An App Check token. App Check tokens are signed [JWTs](https://tools.ietf.org/html/rfc7519) containing claims that identify the attested app and Firebase project. This token is used to access Firebase services protected by App Check. 362 "ttl": "A String", # The duration from the time this token is minted until its expiration. This field is intended to ease client-side token management, since the client may have clock skew, but is still able to accurately measure a duration. 363}</pre> 364</div> 365 366<div class="method"> 367 <code class="details" id="generateAppAttestChallenge">generateAppAttestChallenge(app, body=None, x__xgafv=None)</code> 368 <pre>Generates a challenge that protects the integrity of an immediately following call to ExchangeAppAttestAttestation or ExchangeAppAttestAssertion. A challenge should not be reused for multiple calls. 369 370Args: 371 app: string, Required. The relative resource name of the iOS app, in the format: ``` projects/{project_number}/apps/{app_id} ``` If necessary, the `project_number` element can be replaced with the project ID of the Firebase project. Learn more about using project identifiers in Google's [AIP 2510](https://google.aip.dev/cloud/2510) standard. (required) 372 body: object, The request body. 373 The object takes the form of: 374 375{ # Request message for the GenerateAppAttestChallenge method. 376} 377 378 x__xgafv: string, V1 error format. 379 Allowed values 380 1 - v1 error format 381 2 - v2 error format 382 383Returns: 384 An object of the form: 385 386 { # Response message for the GenerateAppAttestChallenge method. 387 "challenge": "A String", # A one-time use challenge for the client to pass to the App Attest API. 388 "ttl": "A String", # The duration from the time this challenge is minted until its expiration. This field is intended to ease client-side token management, since the client may have clock skew, but is still able to accurately measure a duration. 389}</pre> 390</div> 391 392</body></html>