Firebase 401 unauthorized error FCM
AndroidFirebase Cloud-MessagingAndroid Problem Overview
I'm trying to test out Firebase Cloud messaging APIs as all functionality is not available from console (notably customization of notifications when app is in background). But for some reasons, I cannot get it to work, and it always shows up 401 error. I investigated the reasons for this, and tried it after regenerating new server key, but the error remains constant. Surprisingly, when I generated a new server key, it is not reflected in Firebase console and it shows server key as empty. Also, I tried adding my IP address to the server whitelist IPs but still no luck. I've attached a screenshot of a request that I did with Postman (I substitue the server key in place of serverKey.
I'm stuck on this for a few hours and would really appreciate some help.
Android Solutions
Solution 1 - Android
I don't know if someone uses the [Web API Key] as the [YOUR_SERVER_KEY] for POSTMAN test and keep getting '401 Error'. [Web API Key] is not [YOUR_SERVER_KEY].
You should go to your Firebase console and check this:
to get the correct Server key.
Hope it help.
Solution 2 - Android
I noticed from your screenshot that you were using "key: serverKey". Could you try using "key=serverKey" instead?
Also you don't need to have "POST fcm.googleapus.com/fcm/send"; this is not proper json and would explain the error you are seeing. The URL of the request is already defined elsewhere so remove it from the payload.
Solution 3 - Android
I faced the same problem.
the problem was that I was using the legacy server key. when I used the new version of the server key the problem solved.
in your firebase console goto settings -> cloud messaging
then use the new server key. it is longer than the old version key.
Solution 4 - Android
go to https://console.firebase.google.com/u/0/project/[project-name]/settings/cloudmessaging/
you can use Server Key or Legacy server key
Solution 5 - Android
I too am facing the Same problem... I am using curl in php for posting and it works only if I have php files stored on my LocalHost server. When I try to use access the files via a free hosting online, then it say Unautorized 401.
So I would suggest if you can, use the Localhost.
Solution 6 - Android
I have the same problem at Server Side Code(C#).
You basically used wrong Server Key (or API Key) for service side code.
Follow below Link over stackoverflow posted by me (Helpful to find Server Key (or API Key) )
Solution 7 - Android
I was facing the same problem, i solved it by using the following steps
1- In the server from where you are sending push, Use the browser key only, you can get it from Firebase console or google api console as I have highlighted in the below images:-
Firebase console, click on the project-->settings
Note : The Firebase console web api key and google console browser key are the same you can use either of them
2- If you follow the first step only you will get the Unauthorized error, to resolve this you need to authorize your browser key in google console by adding your server IP address from where you will send the push. Click on the edit pencil icon on the right side of your browser key in google api console, above first image
After adding your Ip address click save Make sure that your device token is not empty on which you are sending the push, I hope your push will be sent successfully now.
Solution 8 - Android
401 with FCM through HTTPv1 (Error and Solution for Bearer)
If you are using FCM via HTTP v1, then you will have to make two sucessive POST requests:
1/ In the first call, you make a POST request to 'https://accounts.google.com/o/oauth2/token'; (or using API packages) using your firebase service account key at
'https://console.firebase.google.com/u/0/project/{{firebaseProjectName}}/settings/serviceaccounts/adminsdk';
to get the access token.
2/ Then you have to make another POST request to 'https://fcm.googleapis.com/v1/projects/{{firebaseProjectName}}/messages:send';. If you have followed the steps for the migration from legacy HTTP to HTTP v1 (very clear documentation) on firebase website, you have to make some small changes at the content of the post request and also using 'Bearer ${accessToken.data}' for the Authorization.
In my case I was not properly awaiting for the accessToken in the first function (forgot the 'await' keyword in front of the function making the post request and AndroidStudio did not notice either that there was something wrong).
Make sure that you await the result of the first post request as it is a Future.
If you don't, Bearer will be null when you make the second POST request because you did not await for it.
Solution 9 - Android
import org.apache.http.HttpEntity;
import org.apache.http.HttpResponse;
import org.apache.http.client.HttpClient;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.entity.StringEntity;
import org.apache.http.impl.client.HttpClientBuilder;
import org.apache.http.util.EntityUtils;
import org.json.JSONArray;
import org.json.JSONObject;
import java.util.ArrayList;
import java.util.List;
import javax.validation.Valid;
import javax.validation.constraints.Size;
public class PushNotificationSubmit {
public static void main(String[] args) {
new PushNotificationSubmit().send("sample message title", "sample message body");
}
final String serverKey = "AAAA_*******";
final String fcmUrl = "https://fcm.googleapis.com/fcm/send";
/**
* note from google: The value should be an array of registration tokens to which to send the multicast message. The array must contain at least 1 and at most 1000 registration tokens.
* send to specific users
*
* @param messageTitle
* @param messageBody
* @param tokenList
*/
@Size.List({@Size(min = 1), @Size(max = 999)})
public void send(String messageTitle, String messageBody, List<String> tokenList) {
try {
String payloadJson = createMessageAsJson(messageTitle, messageBody, tokenList);
doSend(payloadJson);
} catch (Exception e) {
e.printStackTrace();
}
}
/**
* send to all users that registered in my topic
*
* @param messageTitle
* @param messageBody
*/
public void send(String messageTitle, String messageBody) {
try {
String payloadJson = createMessageAsJson(messageTitle, messageBody, null);
doSend(payloadJson);
} catch (Exception e) {
e.printStackTrace();
}
}
private String createMessageAsJson(String messageTitle, String messageBody, List<String> tokenList) {
JSONObject payloadObj = new JSONObject();
try {
JSONObject notifyObj = new JSONObject();
notifyObj.put("title", messageTitle);
notifyObj.put("body", messageBody);
payloadObj.put("notification", notifyObj);
if (tokenList != null) {
if (tokenList != null && tokenList.size() > 0) {
JSONArray regId = new JSONArray();
for (int i = 0; i < tokenList.size(); i++) {
regId.put(tokenList.get(i));
}
payloadObj.put("registration_ids", regId);
}
} else {
payloadObj.put("to", "/topics/all");
}
return payloadObj.toString();
} catch (Exception e) {
// TODO: add logger
e.printStackTrace();
throw e;
}
}
private void doSend(String payloadJson) throws Exception {
HttpClient httpclient = HttpClientBuilder.create().build();
try {
HttpPost httpPost = new HttpPost(fcmUrl);
httpPost.setHeader("Content-Type", "application/json");
httpPost.setHeader("Authorization", "key=" + serverKey);
httpPost.setEntity(new StringEntity(payloadJson, "UTF-8"));
HttpResponse response = httpclient.execute(httpPost);
HttpEntity entity = response.getEntity();
System.out.println("push notification status: " + response.getStatusLine());
EntityUtils.consume(entity);
} finally {
httpclient.getConnectionManager().shutdown();
}
}
}
Solution 10 - Android
> In C# HttpClient response
For wrong server key it will happen, Invalid Key, Unauthorize, 401