IBM Cloud Push Notifications helps deliver timely and relevant notifications to mobile devices and browsers.

Notifications can be targeted to all application users or to a specific set of users and devices using tags. Insights can be obtained on delivery and receipt of notifications to the targeted users.

IBM Push Notifications offers a rich set of APIs that can be accessed from your backend server applications or client applications to consume some of the capabilities, such as tags, subscriptions, and web hooks.

The Push Notifications APIs are secured using one of the following two methods:

  • clientSecret: The clientSecret protects APIs that are typically started by mobile client applications. The clientSecret is allocated to every service instance at the time of binding an application with Push Notifications service.
  • API Keys: Application programming interface keys (API keys) are available through Cloud IAM for you to use in order to authenticate. These API keys are provided through Cloud IAM.

REST API documentation provides information on the APIs that use clientSecret versus the APIs which use Cloud IAM-based authentication tokens.

Change in authentication type

In order to improve the security for our APIs, we are announcing the change of the authentication type from clientSecret to Cloud IAM based authentication for the following APIs.

  1. GET /apps/{applicationId}/settings/webpushServerKey
  2. GET /apps/{applicationId}/devices 
  3. GET /apps/{applicationId}/messages/{messageId}/deliverystatus 

Note: The three APIs mentioned above currently support the use of both clientSecret as well as IAM-based tokens for authentication. Due to security considerations, we will deprecate the use of clientSecret as an authentication type for these APIs as of August 30, 2020.

Action required

Review your usage of the Push Notification service APIs to check if you are using any of the three APIs mentioned above.

If you are still using clientSecret for authentication with these APIs,  you should immediately move to use IAM-based tokens for authentication as the clientSecret will be removed as an authentication option.


More from Announcements

IBM TechXchange underscores the importance of AI skilling and partner innovation

3 min read - Generative AI and large language models are poised to impact how we all access and use information. But as organizations race to adopt these new technologies for business, it requires a global ecosystem of partners with industry expertise to identify the right enterprise use-cases for AI and the technical skills to implement the technology. During TechXchange, IBM's premier technical learning event in Las Vegas last week, IBM Partner Plus members including our Strategic Partners, resellers, software vendors, distributors and service…

Introducing Inspiring Voices, a podcast exploring the impactful journeys of great leaders

< 1 min read - Learning about other people's careers, life challenges, and successes is a true source of inspiration that can impact our own ambitions as well as life and business choices in great ways. Brought to you by the Executive Search and Integration team at IBM, the Inspiring Voices podcast will showcase great leaders, taking you inside their personal stories about life, career choices and how to make an impact. In this first episode, host David Jones, Executive Search Lead at IBM, brings…

IBM watsonx Assistant and NICE CXone combine capabilities for a new chapter in CCaaS

5 min read - In an age of instant everything, ensuring a positive customer experience has become a top priority for enterprises. When one third of customers (32%) say they will walk away from a brand they love after just one bad experience (source: PWC), organizations are now applying massive investments to this experience, particularly with their live agents and contact centers.  For many enterprises, that investment includes modernizing their call centers by moving to cloud-based Contact Center as a Service (CCaaS) platforms. CCaaS solutions…

See what’s new in SingleStoreDB with IBM 8.0

3 min read - Despite decades of progress in database systems, builders have compromised on at least one of the following: speed, reliability, or ease. They have two options: one, they could get a document database that is fast and easy, but can’t be relied on for mission-critical transactional applications. Or two, they could rely on a cloud data warehouse that is easy to set up, but only allows lagging analytics. Even then, each solution lacks something, forcing builders to deploy other databases for…