Get 403 response with the "new" Firebase Cloud Messaging API

Question

We are successfully using the Legacy HTTP Server Protocol on our server for FCM. I wanted to update to FCM HTTP v1 API today.

I did it step by step and when the server calls the request, we get this response:

Server returned HTTP response code: 403 for URL: https://fcm.googleapis.com/v1/projects/[projectid]/messages:send

This is the server code:

URL url = new URL("https://fcm.googleapis.com/v1/projects/[projectid]/messages:send");
HttpURLConnection conn = (HttpURLConnection) url.openConnection();
conn.setRequestProperty("Authorization", "Bearer " + getAccessToken());
conn.setRequestProperty("Content-Type", "application/json");
OutputStream outputStream = conn.getOutputStream();
outputStream.write(req.getBytes("UTF-8"));

// Exception happen here
InputStream inputStream = conn.getInputStream();

The getAccessToken():

private static String getAccessToken() throws IOException {
        GoogleCredential googleCredential = GoogleCredential
            .fromStream(new FileInputStream(ClientApiServlet.context.getRealPath("/WEB-INF/[projectid].json")))         .createScoped(Arrays.asList("https://www.googleapis.com/auth/firebase.messaging"));
        googleCredential.refreshToken();
        return googleCredential.getAccessToken();
}

I have downloaded the json file from the adminsdk page of the firebase cloud.

All with the same projectid...

I updated these 2 libs on the server:

google-http-client-jackson2-1.23.0.jar
google-oauth-client-1.23.0.jar

The getAccessToken() methode returned an accesstoken: "ya29.c.Elr0BAa..."

I think, I miss a small step, maybe you could help? Thanks in advance!

Edit: It is working now with the hint of arterpa! Thanks again!

After that I got a 400 error, so something in the request data was wrong:

The problem was, we didn't converted all data{...}values to strings. With the legacy protocol it was not an issue, but with FCM HTTP v1 API it has to be strings! ;)

Answer 1

I was able to get it to work using firebase-admin:

var admin = require("firebase-admin");
const sendPush = async (event) => {
  const deviceToken = event.deviceToken;
  const messageType = event.messageType;
  const message = event.message;
  const serviceAccount = require('<*your_key*>.json');  
      admin.initializeApp({
        credential: admin.credential.cert(serviceAccount)
      });
    
      const messaging = admin.messaging()
      var payload = {
          token: deviceToken,
          notification: {
              title: messageType,
              body: message
          },
          android: {
            notification: {
              sound: 'ringing', // or specify your custom sound here
            },
          }      
        };
    
    
      messaging.send(payload)
      .then((result) => {
          console.log(result)
      })
 }

You can get your_key from the firebase console service accounts. Click 'Firebase Admin SDK' then click 'Generate new private key' on bottom and save this file.

Answer 2

I was having this issue of getting a 403 from the FCM HTTP v1 API. I had FCM Messaging API enabled, but my problem was that the service account I was using didn't have the correct role to make requests to the FCM API. You can try creating a new service account with the "project Owner" role to see if that helps.

Answer 3

I had this problem, and it seems you need to enable FCM API for your project at Google API console.