I’m interested in using the ExpoPushToken to send push notifications to my users. I am concerned that if the ExpoPushToken is leaked, a bad actor can send arbitrary notifications to users. I noticed that in the Node library: GitHub - expo/expo-server-sdk-node: Server-side library for working with Expo using Node.js, there is a reference to “enabling push security” and providing an access token but I didn’t find any information on how to do this. Is this a planned feature that hasn’t been implemented yet, or is there a place where I can read up on it? Thanks
Yes, we are currently testing a feature to provide an additional layer of security in case your users’ push tokens were compromised. If you’d like to help us test before it is generally available, just let us know which account you would be testing on.