docs/dyn/firebaseappcheck_v1beta.projects.apps.html

<html><body>
<style>

body, h1, h2, h3, div, span, p, pre, a {
  margin: 0;
  padding: 0;
  border: 0;
  font-weight: inherit;
  font-style: inherit;
  font-size: 100%;
  font-family: inherit;
  vertical-align: baseline;
}

body {
  font-size: 13px;
  padding: 1em;
}

h1 {
  font-size: 26px;
  margin-bottom: 1em;
}

h2 {
  font-size: 24px;
  margin-bottom: 1em;
}

h3 {
  font-size: 20px;
  margin-bottom: 1em;
  margin-top: 1em;
}

pre, code {
  line-height: 1.5;
  font-family: Monaco, 'DejaVu Sans Mono', 'Bitstream Vera Sans Mono', 'Lucida Console', monospace;
}

pre {
  margin-top: 0.5em;
}

h1, h2, h3, p {
  font-family: Arial, sans serif;
}

h1, h2, h3 {
  border-bottom: solid #CCC 1px;
}

.toc_element {
  margin-top: 0.5em;
}

.firstline {
  margin-left: 2 em;
}

.method  {
  margin-top: 1em;
  border: solid 1px #CCC;
  padding: 1em;
  background: #EEE;
}

.details {
  font-weight: bold;
  font-size: 14px;
}

</style>

<h1><a href="firebaseappcheck_v1beta.html">Firebase App Check API</a> . <a href="firebaseappcheck_v1beta.projects.html">projects</a> . <a href="firebaseappcheck_v1beta.projects.apps.html">apps</a></h1>
<h2>Instance Methods</h2>
<p class="toc_element">
  <code><a href="firebaseappcheck_v1beta.projects.apps.appAttestConfig.html">appAttestConfig()</a></code>
</p>
<p class="firstline">Returns the appAttestConfig Resource.</p>

<p class="toc_element">
  <code><a href="firebaseappcheck_v1beta.projects.apps.debugTokens.html">debugTokens()</a></code>
</p>
<p class="firstline">Returns the debugTokens Resource.</p>

<p class="toc_element">
  <code><a href="firebaseappcheck_v1beta.projects.apps.deviceCheckConfig.html">deviceCheckConfig()</a></code>
</p>
<p class="firstline">Returns the deviceCheckConfig Resource.</p>

<p class="toc_element">
  <code><a href="firebaseappcheck_v1beta.projects.apps.recaptchaConfig.html">recaptchaConfig()</a></code>
</p>
<p class="firstline">Returns the recaptchaConfig Resource.</p>

<p class="toc_element">
  <code><a href="firebaseappcheck_v1beta.projects.apps.recaptchaEnterpriseConfig.html">recaptchaEnterpriseConfig()</a></code>
</p>
<p class="firstline">Returns the recaptchaEnterpriseConfig Resource.</p>

<p class="toc_element">
  <code><a href="firebaseappcheck_v1beta.projects.apps.safetyNetConfig.html">safetyNetConfig()</a></code>
</p>
<p class="firstline">Returns the safetyNetConfig Resource.</p>

<p class="toc_element">
  <code><a href="#close">close()</a></code></p>
<p class="firstline">Close httplib2 connections.</p>
<p class="toc_element">
  <code><a href="#exchangeAppAttestAssertion">exchangeAppAttestAssertion(app, body=None, x__xgafv=None)</a></code></p>
<p class="firstline">Accepts an App Attest assertion and an artifact previously obtained from ExchangeAppAttestAttestation and verifies those with Apple. If valid, returns an App Check token encapsulated in an AttestationTokenResponse.</p>
<p class="toc_element">
  <code><a href="#exchangeAppAttestAttestation">exchangeAppAttestAttestation(app, body=None, x__xgafv=None)</a></code></p>
<p class="firstline">Accepts an App Attest CBOR attestation and verifies it with Apple using the developer's preconfigured team and bundle IDs. If valid, returns an attestation artifact that can later be exchanged for an AttestationTokenResponse using ExchangeAppAttestAssertion. For convenience and performance, this method's response object will also contain an App Check token encapsulated in an AttestationTokenResponse (if the verification is successful).</p>
<p class="toc_element">
  <code><a href="#exchangeCustomToken">exchangeCustomToken(app, body=None, x__xgafv=None)</a></code></p>
<p class="firstline">Validates a custom token signed using your project's Admin SDK service account credentials. If valid, returns an App Check token encapsulated in an AttestationTokenResponse.</p>
<p class="toc_element">
  <code><a href="#exchangeDebugToken">exchangeDebugToken(app, body=None, x__xgafv=None)</a></code></p>
<p class="firstline">Validates a debug token secret that you have previously created using CreateDebugToken. If valid, returns an App Check token encapsulated in an AttestationTokenResponse. Note that a restrictive quota is enforced on this method to prevent accidental exposure of the app to abuse.</p>
<p class="toc_element">
  <code><a href="#exchangeDeviceCheckToken">exchangeDeviceCheckToken(app, body=None, x__xgafv=None)</a></code></p>
<p class="firstline">Accepts a [`device_token`](https://developer.apple.com/documentation/devicecheck/dcdevice) issued by DeviceCheck, and attempts to validate it with Apple. If valid, returns an App Check token encapsulated in an AttestationTokenResponse.</p>
<p class="toc_element">
  <code><a href="#exchangeRecaptchaEnterpriseToken">exchangeRecaptchaEnterpriseToken(app, body=None, x__xgafv=None)</a></code></p>
<p class="firstline">Validates a [reCAPTCHA Enterprise response token](https://cloud.google.com/recaptcha-enterprise/docs/create-assessment#retrieve_token). If valid, returns an App Check token encapsulated in an AttestationTokenResponse.</p>
<p class="toc_element">
  <code><a href="#exchangeRecaptchaToken">exchangeRecaptchaToken(app, body=None, x__xgafv=None)</a></code></p>
<p class="firstline">Validates a [reCAPTCHA v3 response token](https://developers.google.com/recaptcha/docs/v3). If valid, returns an App Check token encapsulated in an AttestationTokenResponse.</p>
<p class="toc_element">
  <code><a href="#exchangeSafetyNetToken">exchangeSafetyNetToken(app, body=None, x__xgafv=None)</a></code></p>
<p class="firstline">Validates a [SafetyNet token](https://developer.android.com/training/safetynet/attestation#request-attestation-step). If valid, returns an App Check token encapsulated in an AttestationTokenResponse.</p>
<p class="toc_element">
  <code><a href="#generateAppAttestChallenge">generateAppAttestChallenge(app, body=None, x__xgafv=None)</a></code></p>
<p class="firstline">Generates a challenge that protects the integrity of an immediately following call to ExchangeAppAttestAttestation or ExchangeAppAttestAssertion. A challenge should not be reused for multiple calls.</p>
<h3>Method Details</h3>
<div class="method">
    <code class="details" id="close">close()</code>
  <pre>Close httplib2 connections.</pre>
</div>

<div class="method">
    <code class="details" id="exchangeAppAttestAssertion">exchangeAppAttestAssertion(app, body=None, x__xgafv=None)</code>
  <pre>Accepts an App Attest assertion and an artifact previously obtained from ExchangeAppAttestAttestation and verifies those with Apple. If valid, returns an App Check token encapsulated in an AttestationTokenResponse.

Args:
  app: string, Required. The relative resource name of the iOS app, in the format: ``` projects/{project_number}/apps/{app_id} ``` If necessary, the `project_number` element can be replaced with the project ID of the Firebase project. Learn more about using project identifiers in Google&#x27;s [AIP 2510](https://google.aip.dev/cloud/2510) standard. (required)
  body: object, The request body.
    The object takes the form of:

{ # Request message for the ExchangeAppAttestAssertion method.
  &quot;artifact&quot;: &quot;A String&quot;, # Required. The artifact returned by a previous call to ExchangeAppAttestAttestation.
  &quot;assertion&quot;: &quot;A String&quot;, # Required. The CBOR-encoded assertion returned by the client-side App Attest API.
  &quot;challenge&quot;: &quot;A String&quot;, # Required. A one-time challenge returned by an immediately prior call to GenerateAppAttestChallenge.
}

  x__xgafv: string, V1 error format.
    Allowed values
      1 - v1 error format
      2 - v2 error format

Returns:
  An object of the form:

    { # Encapsulates an *App Check token*, which are used to access Firebase services protected by App Check.
  &quot;attestationToken&quot;: &quot;A String&quot;, # An App Check token. App Check tokens are signed [JWTs](https://tools.ietf.org/html/rfc7519) containing claims that identify the attested app and Firebase project. This token is used to access Firebase services protected by App Check.
  &quot;ttl&quot;: &quot;A String&quot;, # The duration from the time this token is minted until its expiration. This field is intended to ease client-side token management, since the client may have clock skew, but is still able to accurately measure a duration.
}</pre>
</div>

<div class="method">
    <code class="details" id="exchangeAppAttestAttestation">exchangeAppAttestAttestation(app, body=None, x__xgafv=None)</code>
  <pre>Accepts an App Attest CBOR attestation and verifies it with Apple using the developer&#x27;s preconfigured team and bundle IDs. If valid, returns an attestation artifact that can later be exchanged for an AttestationTokenResponse using ExchangeAppAttestAssertion. For convenience and performance, this method&#x27;s response object will also contain an App Check token encapsulated in an AttestationTokenResponse (if the verification is successful).

Args:
  app: string, Required. The relative resource name of the iOS app, in the format: ``` projects/{project_number}/apps/{app_id} ``` If necessary, the `project_number` element can be replaced with the project ID of the Firebase project. Learn more about using project identifiers in Google&#x27;s [AIP 2510](https://google.aip.dev/cloud/2510) standard. (required)
  body: object, The request body.
    The object takes the form of:

{ # Request message for the ExchangeAppAttestAttestation method.
  &quot;attestationStatement&quot;: &quot;A String&quot;, # Required. The App Attest statement returned by the client-side App Attest API. This is a base64url encoded CBOR object in the JSON response.
  &quot;challenge&quot;: &quot;A String&quot;, # Required. A one-time challenge returned by an immediately prior call to GenerateAppAttestChallenge.
  &quot;keyId&quot;: &quot;A String&quot;, # Required. The key ID generated by App Attest for the client app.
}

  x__xgafv: string, V1 error format.
    Allowed values
      1 - v1 error format
      2 - v2 error format

Returns:
  An object of the form:

    { # Response message for the ExchangeAppAttestAttestation method.
  &quot;artifact&quot;: &quot;A String&quot;, # An artifact that can be used in future calls to ExchangeAppAttestAssertion.
  &quot;attestationToken&quot;: { # Encapsulates an *App Check token*, which are used to access Firebase services protected by App Check. # Encapsulates an App Check token.
    &quot;attestationToken&quot;: &quot;A String&quot;, # An App Check token. App Check tokens are signed [JWTs](https://tools.ietf.org/html/rfc7519) containing claims that identify the attested app and Firebase project. This token is used to access Firebase services protected by App Check.
    &quot;ttl&quot;: &quot;A String&quot;, # The duration from the time this token is minted until its expiration. This field is intended to ease client-side token management, since the client may have clock skew, but is still able to accurately measure a duration.
  },
}</pre>
</div>

<div class="method">
    <code class="details" id="exchangeCustomToken">exchangeCustomToken(app, body=None, x__xgafv=None)</code>
  <pre>Validates a custom token signed using your project&#x27;s Admin SDK service account credentials. If valid, returns an App Check token encapsulated in an AttestationTokenResponse.

Args:
  app: string, Required. The relative resource name of the app, in the format: ``` projects/{project_number}/apps/{app_id} ``` If necessary, the `project_number` element can be replaced with the project ID of the Firebase project. Learn more about using project identifiers in Google&#x27;s [AIP 2510](https://google.aip.dev/cloud/2510) standard. (required)
  body: object, The request body.
    The object takes the form of:

{ # Request message for the ExchangeCustomToken method.
  &quot;customToken&quot;: &quot;A String&quot;, # Required. A custom token signed using your project&#x27;s Admin SDK service account credentials.
}

  x__xgafv: string, V1 error format.
    Allowed values
      1 - v1 error format
      2 - v2 error format

Returns:
  An object of the form:

    { # Encapsulates an *App Check token*, which are used to access Firebase services protected by App Check.
  &quot;attestationToken&quot;: &quot;A String&quot;, # An App Check token. App Check tokens are signed [JWTs](https://tools.ietf.org/html/rfc7519) containing claims that identify the attested app and Firebase project. This token is used to access Firebase services protected by App Check.
  &quot;ttl&quot;: &quot;A String&quot;, # The duration from the time this token is minted until its expiration. This field is intended to ease client-side token management, since the client may have clock skew, but is still able to accurately measure a duration.
}</pre>
</div>

<div class="method">
    <code class="details" id="exchangeDebugToken">exchangeDebugToken(app, body=None, x__xgafv=None)</code>
  <pre>Validates a debug token secret that you have previously created using CreateDebugToken. If valid, returns an App Check token encapsulated in an AttestationTokenResponse. Note that a restrictive quota is enforced on this method to prevent accidental exposure of the app to abuse.

Args:
  app: string, Required. The relative resource name of the app, in the format: ``` projects/{project_number}/apps/{app_id} ``` If necessary, the `project_number` element can be replaced with the project ID of the Firebase project. Learn more about using project identifiers in Google&#x27;s [AIP 2510](https://google.aip.dev/cloud/2510) standard. (required)
  body: object, The request body.
    The object takes the form of:

{ # Request message for the ExchangeDebugToken method.
  &quot;debugToken&quot;: &quot;A String&quot;, # Required. A debug token secret. This string must match a debug token secret previously created using CreateDebugToken.
}

  x__xgafv: string, V1 error format.
    Allowed values
      1 - v1 error format
      2 - v2 error format

Returns:
  An object of the form:

    { # Encapsulates an *App Check token*, which are used to access Firebase services protected by App Check.
  &quot;attestationToken&quot;: &quot;A String&quot;, # An App Check token. App Check tokens are signed [JWTs](https://tools.ietf.org/html/rfc7519) containing claims that identify the attested app and Firebase project. This token is used to access Firebase services protected by App Check.
  &quot;ttl&quot;: &quot;A String&quot;, # The duration from the time this token is minted until its expiration. This field is intended to ease client-side token management, since the client may have clock skew, but is still able to accurately measure a duration.
}</pre>
</div>

<div class="method">
    <code class="details" id="exchangeDeviceCheckToken">exchangeDeviceCheckToken(app, body=None, x__xgafv=None)</code>
  <pre>Accepts a [`device_token`](https://developer.apple.com/documentation/devicecheck/dcdevice) issued by DeviceCheck, and attempts to validate it with Apple. If valid, returns an App Check token encapsulated in an AttestationTokenResponse.

Args:
  app: string, Required. The relative resource name of the iOS app, in the format: ``` projects/{project_number}/apps/{app_id} ``` If necessary, the `project_number` element can be replaced with the project ID of the Firebase project. Learn more about using project identifiers in Google&#x27;s [AIP 2510](https://google.aip.dev/cloud/2510) standard. (required)
  body: object, The request body.
    The object takes the form of:

{ # Request message for the ExchangeDeviceCheckToken method.
  &quot;deviceToken&quot;: &quot;A String&quot;, # Required. The `device_token` as returned by Apple&#x27;s client-side [DeviceCheck API](https://developer.apple.com/documentation/devicecheck/dcdevice). This is the base64 encoded `Data` (Swift) or `NSData` (ObjC) object.
}

  x__xgafv: string, V1 error format.
    Allowed values
      1 - v1 error format
      2 - v2 error format

Returns:
  An object of the form:

    { # Encapsulates an *App Check token*, which are used to access Firebase services protected by App Check.
  &quot;attestationToken&quot;: &quot;A String&quot;, # An App Check token. App Check tokens are signed [JWTs](https://tools.ietf.org/html/rfc7519) containing claims that identify the attested app and Firebase project. This token is used to access Firebase services protected by App Check.
  &quot;ttl&quot;: &quot;A String&quot;, # The duration from the time this token is minted until its expiration. This field is intended to ease client-side token management, since the client may have clock skew, but is still able to accurately measure a duration.
}</pre>
</div>

<div class="method">
    <code class="details" id="exchangeRecaptchaEnterpriseToken">exchangeRecaptchaEnterpriseToken(app, body=None, x__xgafv=None)</code>
  <pre>Validates a [reCAPTCHA Enterprise response token](https://cloud.google.com/recaptcha-enterprise/docs/create-assessment#retrieve_token). If valid, returns an App Check token encapsulated in an AttestationTokenResponse.

Args:
  app: string, Required. The relative resource name of the web app, in the format: ``` projects/{project_number}/apps/{app_id} ``` If necessary, the `project_number` element can be replaced with the project ID of the Firebase project. Learn more about using project identifiers in Google&#x27;s [AIP 2510](https://google.aip.dev/cloud/2510) standard. (required)
  body: object, The request body.
    The object takes the form of:

{ # Request message for the ExchangeRecaptchaEnterpriseToken method.
  &quot;recaptchaEnterpriseToken&quot;: &quot;A String&quot;, # Required. The reCAPTCHA token as returned by the [reCAPTCHA Enterprise JavaScript API](https://cloud.google.com/recaptcha-enterprise/docs/instrument-web-pages).
}

  x__xgafv: string, V1 error format.
    Allowed values
      1 - v1 error format
      2 - v2 error format

Returns:
  An object of the form:

    { # Encapsulates an *App Check token*, which are used to access Firebase services protected by App Check.
  &quot;attestationToken&quot;: &quot;A String&quot;, # An App Check token. App Check tokens are signed [JWTs](https://tools.ietf.org/html/rfc7519) containing claims that identify the attested app and Firebase project. This token is used to access Firebase services protected by App Check.
  &quot;ttl&quot;: &quot;A String&quot;, # The duration from the time this token is minted until its expiration. This field is intended to ease client-side token management, since the client may have clock skew, but is still able to accurately measure a duration.
}</pre>
</div>

<div class="method">
    <code class="details" id="exchangeRecaptchaToken">exchangeRecaptchaToken(app, body=None, x__xgafv=None)</code>
  <pre>Validates a [reCAPTCHA v3 response token](https://developers.google.com/recaptcha/docs/v3). If valid, returns an App Check token encapsulated in an AttestationTokenResponse.

Args:
  app: string, Required. The relative resource name of the web app, in the format: ``` projects/{project_number}/apps/{app_id} ``` If necessary, the `project_number` element can be replaced with the project ID of the Firebase project. Learn more about using project identifiers in Google&#x27;s [AIP 2510](https://google.aip.dev/cloud/2510) standard. (required)
  body: object, The request body.
    The object takes the form of:

{ # Request message for the ExchangeRecaptchaToken method.
  &quot;recaptchaToken&quot;: &quot;A String&quot;, # Required. The reCAPTCHA token as returned by the [reCAPTCHA v3 JavaScript API](https://developers.google.com/recaptcha/docs/v3).
}

  x__xgafv: string, V1 error format.
    Allowed values
      1 - v1 error format
      2 - v2 error format

Returns:
  An object of the form:

    { # Encapsulates an *App Check token*, which are used to access Firebase services protected by App Check.
  &quot;attestationToken&quot;: &quot;A String&quot;, # An App Check token. App Check tokens are signed [JWTs](https://tools.ietf.org/html/rfc7519) containing claims that identify the attested app and Firebase project. This token is used to access Firebase services protected by App Check.
  &quot;ttl&quot;: &quot;A String&quot;, # The duration from the time this token is minted until its expiration. This field is intended to ease client-side token management, since the client may have clock skew, but is still able to accurately measure a duration.
}</pre>
</div>

<div class="method">
    <code class="details" id="exchangeSafetyNetToken">exchangeSafetyNetToken(app, body=None, x__xgafv=None)</code>
  <pre>Validates a [SafetyNet token](https://developer.android.com/training/safetynet/attestation#request-attestation-step). If valid, returns an App Check token encapsulated in an AttestationTokenResponse.

Args:
  app: string, Required. The relative resource name of the Android app, in the format: ``` projects/{project_number}/apps/{app_id} ``` If necessary, the `project_number` element can be replaced with the project ID of the Firebase project. Learn more about using project identifiers in Google&#x27;s [AIP 2510](https://google.aip.dev/cloud/2510) standard. (required)
  body: object, The request body.
    The object takes the form of:

{ # Request message for the ExchangeSafetyNetToken method.
  &quot;safetyNetToken&quot;: &quot;A String&quot;, # Required. The [SafetyNet attestation response](https://developer.android.com/training/safetynet/attestation#request-attestation-step) issued to your app.
}

  x__xgafv: string, V1 error format.
    Allowed values
      1 - v1 error format
      2 - v2 error format

Returns:
  An object of the form:

    { # Encapsulates an *App Check token*, which are used to access Firebase services protected by App Check.
  &quot;attestationToken&quot;: &quot;A String&quot;, # An App Check token. App Check tokens are signed [JWTs](https://tools.ietf.org/html/rfc7519) containing claims that identify the attested app and Firebase project. This token is used to access Firebase services protected by App Check.
  &quot;ttl&quot;: &quot;A String&quot;, # The duration from the time this token is minted until its expiration. This field is intended to ease client-side token management, since the client may have clock skew, but is still able to accurately measure a duration.
}</pre>
</div>

<div class="method">
    <code class="details" id="generateAppAttestChallenge">generateAppAttestChallenge(app, body=None, x__xgafv=None)</code>
  <pre>Generates a challenge that protects the integrity of an immediately following call to ExchangeAppAttestAttestation or ExchangeAppAttestAssertion. A challenge should not be reused for multiple calls.

Args:
  app: string, Required. The relative resource name of the iOS app, in the format: ``` projects/{project_number}/apps/{app_id} ``` If necessary, the `project_number` element can be replaced with the project ID of the Firebase project. Learn more about using project identifiers in Google&#x27;s [AIP 2510](https://google.aip.dev/cloud/2510) standard. (required)
  body: object, The request body.
    The object takes the form of:

{ # Request message for the GenerateAppAttestChallenge method.
}

  x__xgafv: string, V1 error format.
    Allowed values
      1 - v1 error format
      2 - v2 error format

Returns:
  An object of the form:

    { # Response message for the GenerateAppAttestChallenge method.
  &quot;challenge&quot;: &quot;A String&quot;, # A one-time use challenge for the client to pass to the App Attest API.
  &quot;ttl&quot;: &quot;A String&quot;, # The duration from the time this challenge is minted until its expiration. This field is intended to ease client-side token management, since the client may have clock skew, but is still able to accurately measure a duration.
}</pre>
</div>

</body></html>