In Google Cloud Platform I can generate credentials to any Google service with iOS bundle ID restriction or SHA1 fingerprint for Android. To make a request to Google API I have to add the http header "X-Ios-bundle-indentifier". So how GCP validates that bundle? Bundle ID and API Key may be read from IPA by reverse engineering. Moreover bundle id is not private value.
Asked
Active
Viewed 241 times
1
-
I found this doc, Does [this](https://cloud.google.com/identity-platform/docs/reference/rest/v1/accounts/sendVerificationCode) help you and if you could provide more details it will be helpful. – Mahboob Sep 17 '20 at 21:10
-
1Your link is about user email verification. I asked about client authorization (mobile app) in backend like Firebase. – piotrpawlowski Sep 18 '20 at 08:10