Action Required: Update your Android Apps Integrated with Marketing Cloud Engagement MobilePush

To help admins understand the impact of changes to the authentication pattern for Android apps integrated with MobilePush, here’s a list of FAQs.

1. What’s the change?

To remain compliant with Google Firebase Cloud Messaging (FCM) changes, we updated the authentication pattern for Android apps integrated with MobilePush.

2. What is Google changing?

Google deprecated the Firebase Cloud Messaging (FCM) legacy APIs and will remove support for them entirely in July 2024. Google is migrating usage to a new API, called HTTP v1. User benefits of the new HTTP v1 API include better access security, more customization of message payloads, and future-proofed, extendable functionality.

3. What’s the impact for Marketing Cloud Engagement and MobilePush customers?

Prior to Google’s migration announcement, Marketing Cloud Engagement (MCE) used the FCM legacy API to send push notifications to Android devices. The legacy API uses server keys to authenticate. The new HTTP v1 API uses a different authentication pattern that requires a private key contained within the Firebase Service Account JSON file.

4. What action should I take?

To continue sending push notifications to Android devices through Marketing Cloud MobilePush Engagement, upload the service account JSON file for your apps by July 2024. For information on generating a private key file in Firebase, see Provide credentials manually in the developer documentation for Firebase Cloud Messaging. From the Administration tab in MobilePush, upload the service account JSON file for your active apps. For additional help, see help documentation here.

Check out this demo video for a full walkthrough of the steps needed.

Note: Please ensure you have enabled Firebase Cloud Messaging API (V1) via your Firebase console. You can do this via Project Settings > Cloud Messaging. Additionally, please ensure Project Owners & Members are up to date with the current Roles and Permissions, see Firebase IAM permissions for further details.

5. Does this change impact the MobilePush SDK?

No. There are no changes required with customers’ MobilePush SDK implementation or their app code.

6. Where in Marketing Cloud Engagement do customers upload their Service Account JSON file?

In MCE, customers go to MobilePush > MobilePush Administration > and click into the Android App that they must update.

7. Should I upload a file for each Android app in MobilePush?

Yes. Each instance of an Android app in Marketing Cloud must be associated with a valid Service Account JSON file. Customers with multiple apps must upload the JSON file multiple times.

8. Is there a bulk upload or EID level configuration?

No. Depending on the customer developer team’s Firebase project configuration, the customer may be able to reuse the same file.

9. Are current sends to Android devices impacted during the Service Account JSON file upload?

We don’t anticipate any impact to existing sends. We implemented additional internal monitoring and alerting to ensure a successful transition to HTTP v1 after the Service Account JSON file is uploaded. The switch is transparent to customers, and there’s no additional action that they must take.

10. What’s the impact if I don’t take the suggested action?

If you don’t update the Google authentication method by uploading the appropriate Service Account JSON file via MobilePush Administration by July 22, 2024, you won’t be able to send push notifications to Android devices. Google has noted that sending messages via the legacy FCM API will gradually stop working starting on July 22, 2024.

If your Application is not updated to the new authentication pattern, you will start to see sends fail due to 'Deprecated API' errors or service responses, when reviewing the MobilePush Message Detail Extract Report.

11. How do I know if the JSON file upload was successful?

A green Enabled badge in the MobilePush Administration app detail page is visible.

12. How can I test my Google configuration?

Test app authentication by conducting a test send to one of your QA or testing devices. Also, you can use the new MobilePush Diagnostic Tool to confirm that the configuration is correct.

13. Where can I ask more questions?

Join the conversation in the Marketing Cloud Trailblazer Group, where our Product team is standing by to answer your questions.

14. Where can I get more information?

For more details, read the Upload the New Authentication Pattern for Android Applications in MobilePush or open a case with Salesforce Help.