Configure Firebase Cloud Messaging

This page will guide you through how to configure mobile push notifications with Firebase Cloud Messaging (FCM).

Note: Google has deprecated FCM legacy APIs in June 2023. For push notifications to continue to work, you will need to generate and provide a service account private key at the earliest opportunity and before 20 June 2024. Follow the steps in this guide to generate a service account private key with appropriate service account permissions.

Generate a service account private key

To configure mobile sending push notifications via Firebase, generate a service account JSON file that contains a private key and upload this file to your TalkJS dashboard, as follows:

  1. Login to the Firebase console.
  2. Select the Firebase project that contains the app for which you want to configure push notifications.
  3. Follow the Firebase instructions to generate a new private key for a service account.
  4. Go to your TalkJS dashboard and select the Settings tab.
  5. In the section 'Mobile push notifications', under 'Firebase Cloud Messaging (FCM)', click Browse to upload the JSON file that contains your key.

Section in the TalkJS dashboard to upload the JSON file containing your Firebase private key. At the top is the heading 'Mobile push notifications', followed by the heading 'Android' and a space to upload and save a file related to Firebase Cloud Messaging (FCM).

  1. Click Save to save the file to your TalkJS dashboard.

You now have configured sending push notifications via Firebase.

Caution: When generating a new private key, Firebase will by default create a service account for you with broad permissions, which can be a security risk if not managed correctly. The following steps will guide you through how to finetune permissions to keep your Firebase service account secure. For more information on secure key management in Firebase, see: Best practices for managing service account keys.

Adjust Google Cloud service account permissions

In Google Cloud, you can fine-tune permissions by assigning your service account a role with the minimal permissions needed for mobile push notifications.

Note: You can also create a new service account with minimal permissions, rather than edit the service account automatically generated by Google Cloud. This guide covers how to edit the auto-generated service account.

  1. Login to your Google Cloud console. Make sure that you have the project for which you have enabled push notifications selected.
  2. Follow the Google Cloud instructions to create a custom role.
  • Select cloudmessaging.messages.create as the only permission for your custom role.
  1. Follow the Google Cloud instructions to grant a role to a service account (also called principal).
  • Select the service account auto-generated by Firebase with the role Firebase Admin SDK Administrator Service Agent assigned to it.
  • For this auto-generated service account, delete the Firebase Admin SDK Administrator Service Agent role, and add the role you created in Step 2.

You have now fine-tuned permissions for your service account in Google Cloud, by assigning your service account a role with the minimal permissions needed for mobile push notifications.

If you have any issues receiving push notifications you can reach out to us via our support chat.