Generates a challenge that protects the integrity of an immediately following integrity verdict request to the Play Integrity API. The next call to apps.exchangePlayIntegrityToken
using the resulting integrity token will verify the presence and validity of the challenge. A challenge should not be reused for multiple calls.
HTTP request
POST https://firebaseappcheck.googleapis.com/v1/{app=projects/*/apps/*}:generatePlayIntegrityChallenge
The URL uses gRPC Transcoding syntax.
Path parameters
Parameters | |
---|---|
app |
Required. The relative resource name of the app, in the format:
If necessary, the |
Request body
The request body must be empty.
Response body
Response message for the apps.generatePlayIntegrityChallenge
method.
If successful, the response body contains data with the following structure:
JSON representation |
---|
{ "challenge": string, "ttl": string } |
Fields | |
---|---|
challenge |
A one-time use challenge for the client to pass to the Play Integrity API. |
ttl |
The duration from the time this challenge is minted until its expiration. This field is intended to ease client-side token management, since the client may have clock skew, but is still able to accurately measure a duration. A duration in seconds with up to nine fractional digits, ending with ' |
Authorization scopes
Requires one of the following OAuth scopes:
https://www.googleapis.com/auth/cloud-platform
https://www.googleapis.com/auth/firebase
For more information, see the Authentication Overview.