Expo Push Token Security

jazonrizehq · September 30, 2020, 10:24pm

SDK Version: 38
Platforms(Android/iOS/web/all): Android/iOS

I’m interested in using the ExpoPushToken to send push notifications to my users. I am concerned that if the ExpoPushToken is leaked, a bad actor can send arbitrary notifications to users. I noticed that in the Node library: GitHub - expo/expo-server-sdk-node: Server-side library for working with Expo using Node.js, there is a reference to “enabling push security” and providing an access token but I didn’t find any information on how to do this. Is this a planned feature that hasn’t been implemented yet, or is there a place where I can read up on it? Thanks

thetc · September 30, 2020, 10:36pm

Hi @jazonrizehq,

Yes, we are currently testing a feature to provide an additional layer of security in case your users’ push tokens were compromised. If you’d like to help us test before it is generally available, just let us know which account you would be testing on.

Cheers,
TC

jazonrizehq · September 30, 2020, 10:40pm

Hi, I am interested. The testing account is @jazonrizehq. Thanks!

thetc · October 6, 2020, 5:05pm

Hi @jazonrizehq, you should be all set up! You can access the setting for additional push security from https://expo.io/settings/access-tokens.
Please let me know once you have a chance to try it!

Cheers,
TC

jazonrizehq · October 6, 2020, 5:22pm

Thank you so much!

system · October 26, 2020, 5:22pm

This topic was automatically closed 20 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Push Notification Security Expo SDK	2	311	October 14, 2020
Restricting Expo push notification token use Expo SDK	3	138	October 14, 2022
Expo Notifications - getExpoPushTokenAsync Expo Development Tools	4	2432	April 20, 2020
Expo Push Tokens are the same on different devices with different APN tokens Expo SDK notifications	5	543	June 16, 2021
Unable to get expo push token in app Expo SDK	2	464	September 4, 2019

Expo Push Token Security

Related Topics