Validates a custom token signed using your project's Admin SDK service account credentials. If valid, returns an
AppCheckToken
.
HTTP request
POST https://firebaseappcheck.googleapis.com/v1beta/{app=projects/*/apps/*}:exchangeCustomToken
The URL uses gRPC Transcoding syntax.
Path parameters
| Parameters | |
|---|---|
app
|
Required. The relative resource name of the app, in the format:
If necessary, the
|
Request body
The request body contains data with the following structure:
| JSON representation |
|---|
{ "customToken": string, "limitedUse": boolean, "jti": string } |
| Fields | |
|---|---|
customToken
|
Required. A custom token signed using your project's Admin SDK service account credentials. |
limitedUse
|
Specifies whether this attestation is for use in a
limited use
(
|
jti
|
Optional. When
An error is returned if this field is specified without setting
The size of this field is limited to 500 bytes. If specified, its length must be at least 16 bytes.
If this field is omitted or is empty and
When
|
Response body
If successful, the response body contains an instance of
AppCheckToken
.