The Firebase App Check Web SDK.
Firebase App Check does not work in a Node.js environment using ReCaptchaV3Provider
or ReCaptchaEnterpriseProvider
, but can be used in Node.js if you use CustomProvider
and write your own attestation method.
Functions
Function | Description |
---|---|
function(app, ...) | |
initializeAppCheck(app, options) | Activate App Check for the given app. Can be called only once per app. |
function(appCheckInstance, ...) | |
getLimitedUseToken(appCheckInstance) | Requests a Firebase App Check token. This method should be used only if you need to authorize requests to a non-Firebase backend.Returns limited-use tokens that are intended for use with your non-Firebase backend endpoints that are protected with Replay Protection. This method does not affect the token generation behavior of the #getAppCheckToken() method. |
getToken(appCheckInstance, forceRefresh) | Get the current App Check token. If forceRefresh is false, this function first checks for a valid token in memory, then local persistence (IndexedDB). If not found, or if forceRefresh is true, it makes a request to the App Check endpoint for a fresh token. That request attaches to the most recent in-flight request if one is present. |
onTokenChanged(appCheckInstance, observer) | Registers a listener to changes in the token state. There can be more than one listener registered at the same time for one or more App Check instances. The listeners call back on the UI thread whenever the current token associated with this App Check instance changes. |
onTokenChanged(appCheckInstance, onNext, onError, onCompletion) | Registers a listener to changes in the token state. There can be more than one listener registered at the same time for one or more App Check instances. The listeners call back on the UI thread whenever the current token associated with this App Check instance changes. |
setTokenAutoRefreshEnabled(appCheckInstance, isTokenAutoRefreshEnabled) | Set whether App Check will automatically refresh tokens as needed. |
Classes
Class | Description |
---|---|
CustomProvider | Custom provider class. |
ReCaptchaEnterpriseProvider | App Check provider that can obtain a reCAPTCHA Enterprise token and exchange it for an App Check token. |
ReCaptchaV3Provider | App Check provider that can obtain a reCAPTCHA V3 token and exchange it for an App Check token. |
Interfaces
Interface | Description |
---|---|
AppCheck | The Firebase App Check service interface. |
AppCheckOptions | Options for App Check initialization. |
AppCheckToken | The token returned from an App Check provider. |
AppCheckTokenResult | Result returned by getToken() . |
CustomProviderOptions | Options when creating a CustomProvider. |
Type Aliases
Type Alias | Description |
---|---|
AppCheckTokenListener | A listener that is called whenever the App Check token changes. |
function(app, ...)
initializeAppCheck(app, options)
Activate App Check for the given app. Can be called only once per app.
Signature:
export declare function initializeAppCheck(app: FirebaseApp | undefined, options: AppCheckOptions): AppCheck;
Parameters
Parameter | Type | Description |
---|---|---|
app | FirebaseApp | undefined | the FirebaseApp to activate App Check for |
options | AppCheckOptions | App Check initialization options |
Returns:
function(appCheckInstance, ...)
getLimitedUseToken(appCheckInstance)
Requests a Firebase App Check token. This method should be used only if you need to authorize requests to a non-Firebase backend.
Returns limited-use tokens that are intended for use with your non-Firebase backend endpoints that are protected with Replay Protection. This method does not affect the token generation behavior of the #getAppCheckToken() method.
Signature:
export declare function getLimitedUseToken(appCheckInstance: AppCheck): Promise<AppCheckTokenResult>;
Parameters
Parameter | Type | Description |
---|---|---|
appCheckInstance | AppCheck | The App Check service instance. |
Returns:
Promise<AppCheckTokenResult>
The limited use token.
getToken(appCheckInstance, forceRefresh)
Get the current App Check token. If forceRefresh
is false, this function first checks for a valid token in memory, then local persistence (IndexedDB). If not found, or if forceRefresh
is true, it makes a request to the App Check endpoint for a fresh token. That request attaches to the most recent in-flight request if one is present.
Signature:
export declare function getToken(appCheckInstance: AppCheck, forceRefresh?: boolean): Promise<AppCheckTokenResult>;
Parameters
Parameter | Type | Description |
---|---|---|
appCheckInstance | AppCheck | The App Check service instance. |
forceRefresh | boolean | If true, will always try to fetch a fresh token. If false, will use a cached token if found in storage. |
Returns:
Promise<AppCheckTokenResult>
onTokenChanged(appCheckInstance, observer)
Registers a listener to changes in the token state. There can be more than one listener registered at the same time for one or more App Check instances. The listeners call back on the UI thread whenever the current token associated with this App Check instance changes.
Signature:
export declare function onTokenChanged(appCheckInstance: AppCheck, observer: PartialObserver<AppCheckTokenResult>): Unsubscribe;
Parameters
Parameter | Type | Description |
---|---|---|
appCheckInstance | AppCheck | The App Check service instance. |
observer | PartialObserver<AppCheckTokenResult> | An object with next , error , and complete properties. next is called with an AppCheckTokenResult whenever the token changes. error is optional and is called if an error is thrown by the listener (the next function). complete is unused, as the token stream is unending. |
Returns:
A function that unsubscribes this listener.
onTokenChanged(appCheckInstance, onNext, onError, onCompletion)
Registers a listener to changes in the token state. There can be more than one listener registered at the same time for one or more App Check instances. The listeners call back on the UI thread whenever the current token associated with this App Check instance changes.
Signature:
export declare function onTokenChanged(appCheckInstance: AppCheck, onNext: (tokenResult: AppCheckTokenResult) => void, onError?: (error: Error) => void, onCompletion?: () => void): Unsubscribe;
Parameters
Parameter | Type | Description |
---|---|---|
appCheckInstance | AppCheck | The App Check service instance. |
onNext | (tokenResult: AppCheckTokenResult) => void | When the token changes, this function is called with an AppCheckTokenResult. |
onError | (error: Error) => void | Optional. Called if there is an error thrown by the listener (the onNext function). |
onCompletion | () => void | Currently unused, as the token stream is unending. |
Returns:
A function that unsubscribes this listener.
setTokenAutoRefreshEnabled(appCheckInstance, isTokenAutoRefreshEnabled)
Set whether App Check will automatically refresh tokens as needed.
Signature:
export declare function setTokenAutoRefreshEnabled(appCheckInstance: AppCheck, isTokenAutoRefreshEnabled: boolean): void;
Parameters
Parameter | Type | Description |
---|---|---|
appCheckInstance | AppCheck | The App Check service instance. |
isTokenAutoRefreshEnabled | boolean | If true, the SDK automatically refreshes App Check tokens as needed. This overrides any value set during initializeAppCheck() . |
Returns:
void
AppCheckTokenListener
A listener that is called whenever the App Check token changes.
Signature:
export type AppCheckTokenListener = (token: AppCheckTokenResult) => void;