How to send POST requests from iOS (swift) to GCP in real time?

Question

We are planning to make a recommendations engine for the features in the app and we were thinking about using GCP Recommendations AI. Then, we ran into some unclear areas due to lack of examples.

When we send POST requests from iOS (swift) to GCP, is there a way to get access-token for the header field "Authorization: Bearer $(gcloud auth application-default print-access-token)" using Firebase iOS SDK? Could you please point us to some resources that we can follow. If it's not possible to do easily, what is the easiest secure method that you recommend? Any resources? example use case, we found.

Could you guys please help us with this?

Answer 1

Calling the Google Cloud Recommendations AI API requires that you specify the OAuth2 access token for a Google account.

Firebase Authentication uses a JWT ID token to identify the users. These are not Google accounts, as for example you could create a user with email/password that Google's account system knows nothing about.

It is idiomatic to only call the Google Cloud APIs from a trusted environment, such as your development machine, a server you control, or Cloud Functions. This is done to protect yourself from abuse, as (unlike Firebase services) most Google Cloud APIs don't provide a mechanism to control access directly from the client.

So you'll typically want to wrap the GCP API in custom server-side code, that checks whether the user is authorized, and then call that from within your client-side application code.