Firebase bearer token from OAuth2 playground

I'm trying to test my application that uses Firebase for push notifications using Postman.

I'm specifically testing the HTTP v1 API, and looking at how to authorize the request.

What I need to get right is getting the OAuth2 token to use in Postman, which I should be able to do on the OAuth 2.0 playground although I'm not sure how.

I have my privatkey.json file that I've downloaded from the Firebase console; I just need to know how to use it to get the token that I would add as a bearer authorization header for my POST requests.

Lawrence Colombo asked Jan 28 '26 13:01
1 Answer

I was able to send a message through the FCM v1 HTTP API by requesting the following scopes in the OAuth2 playground:

email, https://www.googleapis.com/auth/firebase.messaging

[Image: Specifying scopes in the OAuth2 playground]

After authorizing this, I exchanged the authorization code for refresh and access tokens.

[Image: Exchanging authorization code for tokens]

I then passed the resulting access token into the call with FCM:

curl -X POST -H "Authorization: Bearer MY_ACCESS_TOKEN" -H "Content-Type: application/json" -d '{"message":{
  "notification": {
    "title": "FCM Message",
    "body": "This is an FCM Message"
  },
  "token": "MY_DEVICE_TOKEN"
  }
}' https://fcm.googleapis.com/v1/projects/MY_PROJECT_ID/messages:send

In the above curl request, replace the following placeholders with the relevant values for you:

  • MY_PROJECT_ID is the Firebase project ID, which you can get from the project settings page in the Firebase console
  • MY_DEVICE_TOKEN is the registration token of the device that you want to send the message to. For a web client, see how to get the current registration token.
  • MY_ACCESS_TOKEN is the OAuth2 access token that you got from the OAuth2 playground using the steps outlined above.

The FCM documentation on authenticating FCM v1 requests may be confusing since it only calls out the OAuth2 token. It actually first generates a self-signed JWT (JSON Web Token) by calling new google.auth.JWT(...). This involves downloading a private key, and generating the JWT locally through a JWT library.

The self-signed JWT is then passed to jwtClient.authorize(...), which gives back tokens including an access_token. The latter is an OAuth2 access token, similar to the one we got above.

Frank van Puffelen answered Jan 31 '26 08:01
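
The service-account flow described in the last two paragraphs of the answer, as an added example that is not part of the original answer or of Google's client libraries: it builds the RS256-signed JWT assertion from the key file's client_email and private_key fields, plus the form body to POST to the token endpoint. The sample account, its e-mail address and the throwaway key are constructed here so the code runs offline.

```javascript
// Added example: the self-signed JWT a service account exchanges for an
// OAuth2 access token (the step google.auth.JWT performs internally).
const crypto = require("node:crypto");

const TOKEN_URI = "https://oauth2.googleapis.com/token";
const FCM_SCOPE = "https://www.googleapis.com/auth/firebase.messaging";

const b64url = (input) => Buffer.from(input).toString("base64url");

// serviceAccount: the parsed key file; only client_email and private_key are used.
function buildAssertion(serviceAccount, nowSeconds, lifetimeSeconds = 3600) {
  // Google rejects assertions that are valid for more than one hour.
  if (lifetimeSeconds <= 0 || lifetimeSeconds > 3600) {
    throw new RangeError("lifetime must be between 1 and 3600 seconds");
  }
  const header = { alg: "RS256", typ: "JWT" };
  const claims = {
    iss: serviceAccount.client_email,
    scope: FCM_SCOPE, // request only the messaging scope
    aud: TOKEN_URI,
    iat: nowSeconds,
    exp: nowSeconds + lifetimeSeconds,
  };
  const signingInput = `${b64url(JSON.stringify(header))}.${b64url(JSON.stringify(claims))}`;
  // RSA PKCS#1 v1.5 over SHA-256 is what the JWT header calls RS256.
  const signature = crypto.sign("sha256", Buffer.from(signingInput), serviceAccount.private_key);
  return `${signingInput}.${signature.toString("base64url")}`;
}

// Form body to POST to TOKEN_URI; the JSON response carries access_token.
function tokenRequestBody(assertion) {
  return new URLSearchParams({
    grant_type: "urn:ietf:params:oauth:grant-type:jwt-bearer",
    assertion,
  }).toString();
}

// Constructed stand-in for the downloaded key file: throwaway key, made-up e-mail.
function makeSampleServiceAccount() {
  const { privateKey, publicKey } = crypto.generateKeyPairSync("rsa", {
    modulusLength: 2048,
    privateKeyEncoding: { type: "pkcs8", format: "pem" },
    publicKeyEncoding: { type: "spki", format: "pem" },
  });
  const account = { client_email: "sample@example-project.iam.gserviceaccount.com", private_key: privateKey };
  return { account, publicKey };
}
```

The access_token returned by the token endpoint is the value that goes in Postman's Authorization: Bearer header; the private key itself never needs to be pasted into Postman.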