Method: projects.apps.generatePlayIntegrityChallenge
Stay organized with collections
Save and categorize content based on your preferences.
Generates a challenge that protects the integrity of an immediately following integrity verdict request to the Play Integrity API. The next call to apps.exchangePlayIntegrityToken
using the resulting integrity token will verify the presence and validity of the challenge. A challenge should not be reused for multiple calls.
HTTP request
POST https://firebaseappcheck.googleapis.com/v1/{app=projects/*/apps/*}:generatePlayIntegrityChallenge
The URL uses gRPC Transcoding syntax.
Path parameters
Parameters |
app |
string
Required. The relative resource name of the app, in the format:
projects/{project_number}/apps/{app_id}
If necessary, the project_number element can be replaced with the project ID of the Firebase project. Learn more about using project identifiers in Google's AIP 2510 standard.
|
Request body
The request body must be empty.
Response body
Response message for the apps.generatePlayIntegrityChallenge
method.
If successful, the response body contains data with the following structure:
JSON representation |
{
"challenge": string,
"ttl": string
} |
Fields |
challenge |
string
A one-time use challenge for the client to pass to the Play Integrity API.
|
ttl |
string (Duration format)
The duration from the time this challenge is minted until its expiration. This field is intended to ease client-side token management, since the client may have clock skew, but is still able to accurately measure a duration. A duration in seconds with up to nine fractional digits, ending with 's '. Example: "3.5s" .
|
Authorization scopes
Requires one of the following OAuth scopes:
https://www.googleapis.com/auth/cloud-platform
https://www.googleapis.com/auth/firebase
For more information, see the Authentication Overview.
Except as otherwise noted, the content of this page is licensed under the Creative Commons Attribution 4.0 License, and code samples are licensed under the Apache 2.0 License. For details, see the Google Developers Site Policies. Java is a registered trademark of Oracle and/or its affiliates.
Last updated 2024-04-05 UTC.
[null,null,["Last updated 2024-04-05 UTC."],[],[],null,["Generates a challenge that protects the integrity of an immediately following integrity verdict request to the Play Integrity API. The next call to [apps.exchangePlayIntegrityToken](/docs/reference/appcheck/rest/v1/projects.apps/exchangePlayIntegrityToken#google.firebase.appcheck.v1.TokenExchangeService.ExchangePlayIntegrityToken) using the resulting integrity token will verify the presence and validity of the challenge. A challenge should not be reused for multiple calls.\n\nHTTP request\n\n`POST https://firebaseappcheck.googleapis.com/v1/{app=projects/*/apps/*}:generatePlayIntegrityChallenge`\n\nThe URL uses [gRPC Transcoding](https://google.aip.dev/127) syntax.\n\nPath parameters\n\nRequest body\n\nThe request body must be empty.\n\nResponse body Response message for the [apps.generatePlayIntegrityChallenge](/docs/reference/appcheck/rest/v1/projects.apps/generatePlayIntegrityChallenge#google.firebase.appcheck.v1.TokenExchangeService.GeneratePlayIntegrityChallenge) method.\n\nIf successful, the response body contains data with the following structure:\n\nAuthorization scopes\n\nRequires one of the following OAuth scopes:\n\n- `https://www.googleapis.com/auth/cloud-platform`\n- `https://www.googleapis.com/auth/firebase`\n\nFor more information, see the [Authentication Overview](https://cloud.google.com/docs/authentication/)."]]