Generates a challenge that protects the integrity of an immediately following call to apps.exchangeAppAttestAttestation
or apps.exchangeAppAttestAssertion
. A challenge should not be reused for multiple calls.
HTTP request
POST https://firebaseappcheck.googleapis.com/v1/{app=projects/*/apps/*}:generateAppAttestChallenge
The URL uses gRPC Transcoding syntax.
Path parameters
Parameters | |
---|---|
app |
Required. The relative resource name of the iOS app, in the format:
If necessary, the |
Request body
The request body must be empty.
Response body
Response message for the apps.generateAppAttestChallenge
method.
If successful, the response body contains data with the following structure:
JSON representation |
---|
{ "challenge": string, "ttl": string } |
Fields | |
---|---|
challenge |
A one-time use challenge for the client to pass to the App Attest API. A base64-encoded string. |
ttl |
The duration from the time this challenge is minted until its expiration. This field is intended to ease client-side token management, since the client may have clock skew, but is still able to accurately measure a duration. A duration in seconds with up to nine fractional digits, ending with ' |
Authorization scopes
Requires one of the following OAuth scopes:
https://www.googleapis.com/auth/cloud-platform
https://www.googleapis.com/auth/firebase
For more information, see the Authentication Overview.