Reputation: 137
Google Play Integrity Quota Increase
Google Play Integrity Quota Increase
How are you calling the Play Integrity API? My app is calling the API directly
How often will you call the API for each user? Once per 15 min
Is there any PII or SPII used for the nonce (e.g. user id, user name, phone number, Android ID, SSN, etc)? Yes, but hashed or encrypted
How are you validating Play Integrity API responses? Server side - by calling Play’s server to decrypt and verify
How does your app retry in case of Play Integrity API errors? Retry with exponential backoff
How will your app act when the Play Integrity API detects risky traffic? Deny access to functionality (for example, users won’t be able to log-in). I want unauthorized usage of my app to go down.
Quota request - Estimated total queries per day 1,000,000 to 10,000,000 (1M to 10M)
Rejected 4 Times - Unable to understand what is going wrong here.
Reason - We’re unable to fulfill your request for Consumer Project ID “551385724102” for the requested 1,000,000 to 10,000,000 (1M to 10M) queries per day as we have identified that your method of validating Play Integrity API responses is incorrect.
Any suggestion or anything that i'm doing wrong here..
Reference Form - https://support.google.com/googleplay/android-developer/contact/piaqr
Read the documentation, yet was unable to find the correct way. In many places, it did mention that it is decrypted by google managed service but on selecting this as an option, it was marked as incorrect. Bit confused..
Upvotes: 2
Views: 1184
Answers (1)
Reputation: 328
Please check what do you sent on the server side as a packageName
// Example in Java but applies for all Play Integrity server requests
playIntegrity.v1()
.decodeIntegrityToken("YourPackageNameHere", integrityRequestToken)
.execute();
If the packageName is wrong (too often?) Google will deny your request.
Edit:
15 minutes is a really short time tbh.
You should only do Play Integrity requests before operations that require a high level of security.
Google might also deny your request because they think you overuse the API.
Upvotes: 0
Related Questions
- Android - Google Play Integrity API returns an empty device integrity
- Google play Integrity best practice
- Google play integrity api issue in flutter
- android google play integrity exponential backoff retry is blocking main application thread
- What are Google Play Integrity constants AES_KEY_SIZE_BYTES, AES_KEY_TYPE and EC_KEY_TYPE
- Api Integrity Issues