AI-generated Key Takeaways
-
The Instance ID API provides a unique identifier for each app instance and enables authentication and authorization.
-
Instance IDs are long-lived but can expire due to various factors like device reset, uninstallation, data clearing, extended inactivity, or service-detected issues.
-
Upon Instance ID reset, apps are notified and must retrieve a new ID using
getToken()and update their servers. -
The
getToken()method, using OAuth2 patterns, verifies Instance ID ownership and grants server access to associated data or services based on authorized entity and scope.
The Instance ID API lets you integrate Instance ID with your Android
or iOS app. Instance ID provides a unique identifier for each instance of
your app and a mechanism to authenticate and authorize actions. The InstanceID is long
lived, but may expire for the following reasons:
- Device factory reset.
- User uninstalls the app.
- User performs “Clear Data” in the app.
- Device unused for an extended period (device and region determines the timespan).
- Instance ID service detects abuse or errors and resets the
InstanceID. - Server-side code if your client app requires that functionality.
The Instance ID service notifies your app of an InstanceID reset via
callback to a InstanceIDListenerService. If your app receives this
notification, it must call getToken() and retrieve the new InstanceID,
and update its servers.
Use the getToken method to prove the ownership of the InstanceID and to allow
servers to access data or services associated with the app. The method follows
the patterns of OAuth2, and requires an authorizedEntity and scope. The
authorizedEntity can be a project ID or another InstanceID, and it determines
the services that are authorized to use the generated token. The scope
determines the specific service or data to which the token allows access.
Learn more about the Instance ID API for: