4

I am using the google firebase admin sdk and have followed the instructions to set it up. I am sending messages and notifications via FCM and this was working no problem but recently I noticed that our metrics were showing no notifications being sent to client devices.

Took a look at the Node.js output and am seeing:

errorInfo:
   { code: 'messaging/invalid-apns-credentials',
     message: 'Request is missing required authentication credential. Expected OAuth 2 access token, login cookie or other valid authentication credential. See https://developers.google.com/identity/sign-in/web/devconsole-project.' },
  codePrefix: 'messaging' }

Keep in mind the credentials file I was using originally was working and nothing has changed in the environment.

Looking at the docs there is nothing about token expiration or handling auth of any kind beyond providing the json file that firebase admin sdk asks to start with:

var admin = require("firebase-admin");

var serviceAccount = require("path/to/serviceAccountKey.json");

admin.initializeApp({
  credential: admin.credential.cert(serviceAccount),
  databaseURL: "https://my-app-id.firebaseio.com"
});

If I log into the firebase console and check the service account I can see it and the only option I have is to generate a new private key (big blue button).

Is there something I should be doing to allow the credentials to remain in effect? Renewing a token or something? Nowhere in the FCM setup docs does it mention that and it seems to imply that nothing of that nature is required if you use the official firebase admin sdk. Here is the guide I followed: https://firebase.google.com/docs/admin/setup

Can anyone weigh in on if I need to add some extra code to catch when a cert expires and renew?

Thanks!

Rob Evans
  • 6,750
  • 4
  • 39
  • 56
  • Don't think this is an issue with your Firebase setup on the server, but with how you setup Firebase in your iOS app: `A message targeted to an iOS device could not be sent because the required APNs SSL certificate was not uploaded or has expired. Check the validity of your development and production certificates.` – Cisco May 21 '18 at 16:03
  • @francisco mateo that isn’t the error I’m seeing and I have both iOS and android devices and not receiving notifications for either. Not sure how what you’ve written is related to this at all. – Rob Evans May 21 '18 at 23:23
  • 1
    I am seeing the same and I see the error code `messaging/invalid-apns-credentials` in the `errorInfo`, which can be traced back to documentation here: https://firebase.google.com/docs/cloud-messaging/admin/errors which is related to the error @FranciscoMateo was mentioning above. – Andrew Gable Jun 19 '18 at 04:49

2 Answers2

1

Looking into the errorInfo code key I noticed it says: messaging/invalid-apns-credentials, more information into each errorInfo code can be found here: https://firebase.google.com/docs/cloud-messaging/admin/errors

This specific errorCode says:

messaging/invalid-apns-credentials - A message targeted to an iOS device could not be sent because the required APNs SSL certificate was not uploaded or has expired. Check the validity of your development and production certificates.

Personally, I had issues with my production APNs certificate, and was able to resolve it by regenerating a new certificate via developer.apple.com

To answer your original question, APNs certificates expire every year, so you will need to regenerate and re-upload them annually.

Andrew Gable
  • 2,692
  • 2
  • 24
  • 36
0

If the New push certificate created for the same AppID and contains the bundle ID of the existing app and push certificate is only used in firebase nowhere else then the old versions of your app should continue receiving push notifications using the new certificate, regardless of which certificate you use

Whenever you update your APNS certificate all version of the app that had to push notification will receive the notifications again. There is no need to update the app for this.

Hitesh Raviya
  • 129
  • 6
  • 13