Note: For up-to-date product documentation, see the IBM MobileFirst Foundation Developer Center.
Security for push notification clients
Every client interacting with push must provide a valid access token with the required scopes.
For mobile client applications, IBM MobileFirst™ Platform Foundation SDK orchestrates the OAuth flow so that the mobile client application obtains a valid access token with the required scope.
The back-end server applications must register as confidential clients and must also implement the OAuth flow with the IBM MobileFirst Platform Foundation authorization server to obtain a valid access token with the required scopes.
For information on push scopes and the semantics that server applications can use as appropriate
when obtaining a token, see Table 1. For
information on configuring a confidential client, see Confidential clients.
Scope | Meaning |
---|---|
apps.read | Permission to read application resource. |
apps.write | Permission to create, update, delete application resource. |
gcmConf.read | Permission to read GCM configuration settings (API Key and SenderId). |
gcmConf.write | Permission to update, delete GCM configuration settings. |
apnsConf.read | Permission to read APNs configuration settings. |
apnsConf.write | Permission to update, delete APNs configuration settings. |
devices.read | Permission to read device. |
devices.write | Permission to create, update delete device. |
subscriptions.read | Permission to read subscriptions. |
subscriptions.write | Permission to create, update, delete subscriptions. |
messages.write | Permission to send push notifications. |
webhooks.write | Permission to read event-notifications. |
webhooks.read | Permission to read event-notifications. |
smsConf.read | Permission to read SMS configuration settings. |
smsConf.write | Permission to update, delete SMS configuration settings. |
wnsConf.read | Permission to read WNS configuration settings. |
wnsConf.write | Permission to update, delete WNS configuration settings. |