I am trying to start using app check for my application.
I have https backend and need to get on an Android client-side app check token by myself.
To get the app check token on Android I use this code
FirebaseAppCheck.getInstance().getAppCheckToken(false)
.addOnSuccessListener { appCheckToken ->
//saving token somewhere
}
.addOnFailureListener { e ->
Log.e("MyApp", "Failed to get App Check token", e)
}
I had a few times when it was successful to get this token. But most of the time I get an exception "Too many attempts" (see screenshot attached).
So I have the following questions:
-
Why do I get this error? Maybe I overlapped some limits. Then what are that limits?
-
If the reason is in some limits. How can I deal with it during development? I mean sometimes it’s necessary to get new tokens more often than it will happen on the side of a real user.
Can somebody help me with this problem?
2
Answers
When you’re using Firebase App Check, please note that your use is subject to some quotas and limits:
Since you’re using Kotlin, the first limit doesn’t apply. The last two as well, as I don’t think you can easily reach 1 million reCAPTCHA calls. So most likely, you’re reaching 10,000 calls for its Standard API usage tier. In this case, you have to examine your code and find what exactly can produce such a high number of calls. Most likely, a call to getAppCheckToken that exists inside a loop or anything similar.
I also want to suggest a few things to save your quota limit:
Keep thread-safe firebase function call, to prevent multiple network requests into Firebase Backend Services
In case you are interested in building a flexible solution – to connect AppCheck Token for X number of requests and do not care about synchronized calls – check the GitHub repository. I have described the problem and suggested a working solution
https://github.com/maxim-petlyuk/firebase-appcheck-interceptor