Amazon Pinpoint
User Guide

Managing Mobile Push Channels with Amazon Pinpoint

Using the console, you can update the credentials that allow Amazon Pinpoint to send push notifications to iOS and Android devices. You can provide credentials for the following push notification services, each of which is supported by an Amazon Pinpoint channel:

  • Firebase Cloud Messaging (FCM)

  • Apple Push Notification service (APNs)

  • Baidu Cloud Push

  • Amazon Device Messaging (ADM)

To update push notification settings

  1. Sign in to the AWS Management Console and open the Amazon Pinpoint console at https://console.aws.amazon.com/pinpoint/.

  2. On the Projects page, choose the project for which you want to manage push notification settings.

  3. In the navigation pane, under Settings, choose Push notifications.

  4. Next to Push notifications, choose Edit.

  5. On the Push notification services page, you can update your credentials for the following services:

    • FCM – Requires an API key (also referred to as a server key), which you get from the Firebase console. For more information about obtaining FCM credentials, see Credentials in the Firebase documentation.

    • APNs – Requires an authentication token signing key or a TLS certificate, which you get from your Apple developer account. For more information, see the Managing APNs Settings section.

    • Baidu – Requires an API key and a secret key, which you get from your Baidu Cloud Push project.

    • ADM – Requires the OAuth Credentials (Client ID and Client Secret) from your Amazon Developer account. For more information, see Obtaining Amazon Device Messaging Credentials in the Amazon Developer documentation.

  6. When you finish, choose Save.

Managing APNs Settings

On the Settings page, for APNs, you can authorize Amazon Pinpoint to send push notifications to your iOS app by providing information about your APNs key or certificate:

Key

A private signing key used by Amazon Pinpoint to cryptographically sign APNs authentication tokens. You obtain the signing key from your Apple developer account.

If you provide a signing key, Amazon Pinpoint uses a token to authenticate with APNs for every push notification that you send. With your signing key, you can send push notifications to APNs production and sandbox environments.

Unlike certificates, your signing key does not expire. You only provide your key once, and you don't need to renew it later. You can use the same signing key for multiple apps. For more information, see Communicate with APNs using authentication tokens in Xcode Help.

Certificate

A TLS certificate that Amazon Pinpoint uses to authenticate with APNs when you send push notifications. An APNs certificate can support both production and sandbox environments, or it can support only the sandbox environment. You obtain the certificate from your Apple developer account.

A certificate expires after one year. When this happens, you must create a new certificate, which you then provide to Amazon Pinpoint to renew push notification deliveries. For more information, see Communicate with APNs using a TLS certificate in Xcode Help.

To manage APNs settings

  1. For Authentication type, choose Key credentials or Certificate credentials to manage the settings for that type.

    • If you choose Key credentials, provide the following information from your Apple developer account at https://developer.apple.com/account/. Amazon Pinpoint requires this information to construct authentication tokens.

      • Key ID – The ID assigned to your signing key. To find this value, choose Certificates, IDs & Profiles, and choose your key in the Keys section.

      • Bundle identifier – The ID assigned to your iOS app. To find this value, choose Certificates, IDs & Profiles, choose App IDs in the Identifiers section, and choose your app.

      • Team identifier – The ID assigned to your Apple developer account team. This value is provided on the Membership page.

      • Authentication key – The .p8 file that you download from your Apple developer account when you create an authentication key. Apple allows you to download your authentication key only once.

    • If you choose Certificate credentials, provide the following information:

      • SSL certificate – The .p12 file for your TLS certificate. You can export this file from Keychain Access after you download and install your certificate from your Apple developer account.

      • Certificate password – If you assigned a password to your certificate, specify it here.

  2. For Production support, choose Yes if your certificate supports sending push notifications to the APNs production environment.

    Important

    Don't enable this option if your certificate only supports the sandbox environment.

  3. For Default authentication type, choose whether Amazon Pinpoint authenticates with APNs using your signing key or your TLS certificate by default. Amazon Pinpoint uses this default for every APNs push notification that you send using the console. You can override the default when you send a message programmatically using the Amazon Pinpoint API, the AWS CLI, or an AWS SDK. If your default authentication type fails, Amazon Pinpoint doesn't attempt to use the other authentication type.

  4. When you finish, choose Save.

On this page: