app-check package

The Firebase App Check Web SDK.

Firebase App Check does not work in a Node.js environment using ReCaptchaV3Provider or ReCaptchaEnterpriseProvider, but can be used in Node.js if you use CustomProvider and write your own attestation method.

Functions

Function Description
function(app, ...)
initializeAppCheck(app, options) Activate App Check for the given app. Can be called only once per app.
function(appCheckInstance, ...)
getLimitedUseToken(appCheckInstance) Requests a Firebase App Check token. This method should be used only if you need to authorize requests to a non-Firebase backend.Returns limited-use tokens that are intended for use with your non-Firebase backend endpoints that are protected with Replay Protection. This method does not affect the token generation behavior of the #getAppCheckToken() method.
getToken(appCheckInstance, forceRefresh) Get the current App Check token. If forceRefresh is false, this function first checks for a valid token in memory, then local persistence (IndexedDB). If not found, or if forceRefresh is true, it makes a request to the App Check endpoint for a fresh token. That request attaches to the most recent in-flight request if one is present.
onTokenChanged(appCheckInstance, observer) Registers a listener to changes in the token state. There can be more than one listener registered at the same time for one or more App Check instances. The listeners call back on the UI thread whenever the current token associated with this App Check instance changes.
onTokenChanged(appCheckInstance, onNext, onError, onCompletion) Registers a listener to changes in the token state. There can be more than one listener registered at the same time for one or more App Check instances. The listeners call back on the UI thread whenever the current token associated with this App Check instance changes.
setTokenAutoRefreshEnabled(appCheckInstance, isTokenAutoRefreshEnabled) Set whether App Check will automatically refresh tokens as needed.

Classes

Class Description
CustomProvider Custom provider class.
ReCaptchaEnterpriseProvider App Check provider that can obtain a reCAPTCHA Enterprise token and exchange it for an App Check token.
ReCaptchaV3Provider App Check provider that can obtain a reCAPTCHA V3 token and exchange it for an App Check token.

Interfaces

Interface Description
AppCheck The Firebase App Check service interface.
AppCheckOptions Options for App Check initialization.
AppCheckToken The token returned from an App Check provider.
AppCheckTokenResult Result returned by getToken().
CustomProviderOptions Options when creating a CustomProvider.

Type Aliases

Type Alias Description
AppCheckTokenListener A listener that is called whenever the App Check token changes.

function(app, ...)

initializeAppCheck(app, options)

Activate App Check for the given app. Can be called only once per app.

Signature:

export declare function initializeAppCheck(app: FirebaseApp | undefined, options: AppCheckOptions): AppCheck;

Parameters

Parameter Type Description
app FirebaseApp | undefined the FirebaseApp to activate App Check for
options AppCheckOptions App Check initialization options

Returns:

AppCheck

function(appCheckInstance, ...)

getLimitedUseToken(appCheckInstance)

Requests a Firebase App Check token. This method should be used only if you need to authorize requests to a non-Firebase backend.

Returns limited-use tokens that are intended for use with your non-Firebase backend endpoints that are protected with Replay Protection. This method does not affect the token generation behavior of the #getAppCheckToken() method.

Signature:

export declare function getLimitedUseToken(appCheckInstance: AppCheck): Promise<AppCheckTokenResult>;

Parameters

Parameter Type Description
appCheckInstance AppCheck The App Check service instance.

Returns:

Promise<AppCheckTokenResult>

The limited use token.

getToken(appCheckInstance, forceRefresh)

Get the current App Check token. If forceRefresh is false, this function first checks for a valid token in memory, then local persistence (IndexedDB). If not found, or if forceRefresh is true, it makes a request to the App Check endpoint for a fresh token. That request attaches to the most recent in-flight request if one is present.

Signature:

export declare function getToken(appCheckInstance: AppCheck, forceRefresh?: boolean): Promise<AppCheckTokenResult>;

Parameters

Parameter Type Description
appCheckInstance AppCheck The App Check service instance.
forceRefresh boolean If true, will always try to fetch a fresh token. If false, will use a cached token if found in storage.

Returns:

Promise<AppCheckTokenResult>

onTokenChanged(appCheckInstance, observer)

Registers a listener to changes in the token state. There can be more than one listener registered at the same time for one or more App Check instances. The listeners call back on the UI thread whenever the current token associated with this App Check instance changes.

Signature:

export declare function onTokenChanged(appCheckInstance: AppCheck, observer: PartialObserver<AppCheckTokenResult>): Unsubscribe;

Parameters

Parameter Type Description
appCheckInstance AppCheck The App Check service instance.
observer PartialObserver<AppCheckTokenResult> An object with next, error, and complete properties. next is called with an AppCheckTokenResult whenever the token changes. error is optional and is called if an error is thrown by the listener (the next function). complete is unused, as the token stream is unending.

Returns:

Unsubscribe

A function that unsubscribes this listener.

onTokenChanged(appCheckInstance, onNext, onError, onCompletion)

Registers a listener to changes in the token state. There can be more than one listener registered at the same time for one or more App Check instances. The listeners call back on the UI thread whenever the current token associated with this App Check instance changes.

Signature:

export declare function onTokenChanged(appCheckInstance: AppCheck, onNext: (tokenResult: AppCheckTokenResult) => void, onError?: (error: Error) => void, onCompletion?: () => void): Unsubscribe;

Parameters

Parameter Type Description
appCheckInstance AppCheck The App Check service instance.
onNext (tokenResult: AppCheckTokenResult) => void When the token changes, this function is called with an AppCheckTokenResult.
onError (error: Error) => void Optional. Called if there is an error thrown by the listener (the onNext function).
onCompletion () => void Currently unused, as the token stream is unending.

Returns:

Unsubscribe

A function that unsubscribes this listener.

setTokenAutoRefreshEnabled(appCheckInstance, isTokenAutoRefreshEnabled)

Set whether App Check will automatically refresh tokens as needed.

Signature:

export declare function setTokenAutoRefreshEnabled(appCheckInstance: AppCheck, isTokenAutoRefreshEnabled: boolean): void;

Parameters

Parameter Type Description
appCheckInstance AppCheck The App Check service instance.
isTokenAutoRefreshEnabled boolean If true, the SDK automatically refreshes App Check tokens as needed. This overrides any value set during initializeAppCheck().

Returns:

void

AppCheckTokenListener

A listener that is called whenever the App Check token changes.

Signature:

export type AppCheckTokenListener = (token: AppCheckTokenResult) => void;