Required. The relative resource name of the app, in the format:
projects/{project_number}/apps/{app_id}
If necessary, the
project_number
element can be replaced with the project ID of the Firebase project. Learn more about using project identifiers in Google's
AIP 2510
standard.
Request body
The request body contains data with the following structure:
JSON representation
{"customToken": string,"limitedUse": boolean}
Fields
customToken
string
Required. A custom token signed using your project's Admin SDK service account credentials.
limitedUse
boolean
Specifies whether this attestation is for use in a
limited use
(
true
) or
session based
(
false
) context. To enable this attestation to be used with the
replay protection
feature, set this to
true
. The default value is
false
.
Response body
If successful, the response body contains an instance of
AppCheckToken
.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Missing the information I need","missingTheInformationINeed","thumb-down"],["Too complicated / too many steps","tooComplicatedTooManySteps","thumb-down"],["Out of date","outOfDate","thumb-down"],["Samples / code issue","samplesCodeIssue","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2024-04-05 UTC."],[],[],null,["# Method: projects.apps.exchangeCustomToken\n\nValidates a custom token signed using your project's Admin SDK service account credentials. If valid, returns an\n`\n`[AppCheckToken](/docs/reference/appcheck/rest/v1/AppCheckToken)`\n`\n.\n\n### HTTP request\n\n\n`\nPOST https://firebaseappcheck.googleapis.com/v1/{app=projects/*/apps/*}:exchangeCustomToken\n`\n\n\nThe URL uses\n[gRPC Transcoding](https://google.aip.dev/127)\nsyntax.\n\n### Path parameters\n\n| Parameters ||\n|---------|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|\n| ` app ` | ` string ` Required. The relative resource name of the app, in the format: projects/{project_number}/apps/{app_id} If necessary, the ` project_number ` element can be replaced with the project ID of the Firebase project. Learn more about using project identifiers in Google's [AIP 2510](https://google.aip.dev/cloud/2510) standard. |\n\n### Request body\n\n\nThe request body contains data with the following structure:\n\n| JSON representation |\n|----------------------------------------------------------|\n| ``` { \"customToken\": string, \"limitedUse\": boolean } ``` |\n\n| Fields ||\n|-----------------|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|\n| ` customToken ` | ` string ` Required. A custom token signed using your project's Admin SDK service account credentials. |\n| ` limitedUse ` | ` boolean ` Specifies whether this attestation is for use in a *limited use* ( ` true ` ) or *session based* ( ` false ` ) context. To enable this attestation to be used with the *replay protection* feature, set this to ` true ` . The default value is ` false ` . |\n\n### Response body\n\n\nIf successful, the response body contains an instance of\n`\n`[AppCheckToken](/docs/reference/appcheck/rest/v1/AppCheckToken)`\n`\n."]]