Skip to main content
Sendrealm needs provider credentials before it can send mobile push notifications for your app. These credentials prove to Firebase and Apple that Sendrealm is allowed to send notifications for your Android and iOS apps. There are two separate provider setups:
  • Android uses Firebase Cloud Messaging, often called FCM.
  • iOS uses Apple Push Notification service, usually called APNs.
You only need the provider that matches the platform you are shipping. If your app ships on both Android and iOS, configure both.
Firebase service account JSON files and APNs .p8 files are sensitive production credentials. Upload them only in the Sendrealm dashboard, store backups in a secure secret manager, and rotate them if you suspect exposure.

What Goes Where

It is easy to confuse the different Firebase and Apple files. Use this table as the quick map:
ItemPlatformWhere it goesWhat it is for
Firebase service account JSON private keyAndroidSendrealm dashboardLets Sendrealm send Android push through FCM.
google-services.jsonAndroidYour app projectRequired app-side Firebase Android configuration.
APNs .p8 private keyiOSSendrealm dashboardLets Sendrealm send iOS push through APNs.
APNs Key IDiOSSendrealm dashboardIdentifies the Apple private key.
Apple Team IDiOSSendrealm dashboardIdentifies your Apple developer team.
iOS Bundle IDiOSSendrealm dashboard and appIdentifies the iOS app topic APNs sends to.
Android apps need google-services.json in the app and a Firebase service account private key JSON in Sendrealm. The two files are not interchangeable.

Before You Start

You need:
  • A Sendrealm project and app in the dashboard.
  • Firebase project owner or admin access for Android setup.
  • Apple Developer Account Holder or Admin access for iOS setup.
  • Android application ID, for example com.example.app.
  • iOS bundle ID, for example com.example.app.
  • A real Android device or Google Play emulator for Android testing.
  • A physical iOS device for APNs testing.

Android: Create The Firebase Key

Use this section for Android push delivery through Firebase Cloud Messaging.

Step 1: Open The Firebase Project

  1. Open the Firebase console.
  2. Select the Firebase project for your Android app.
Use the same Firebase project that owns the Android app package you ship to users.

Step 2: If You Start From Google Cloud, Add Firebase First

If your project already exists in Google Cloud but not Firebase, open the Firebase console and choose Add Firebase to Google Cloud project. Select the existing Google Cloud project and complete the Firebase setup. After Firebase is added, continue with the Android app registration steps below. google-services.json is generated from the Firebase Android app registration flow, not directly from the regular Google Cloud console.

Step 3: Register The Android App

If the Android app is not registered in Firebase yet:
  1. From the Firebase project overview, add an Android app.
  2. Enter the exact Android package name used by your app.
  3. Complete the app registration flow.
The package name is usually your native Android applicationId, for example com.example.app. It is case-sensitive and must match the app that users install.

Step 4: Download google-services.json

Firebase offers google-services.json during Android app setup. Download it and keep it in your app project. Where the file goes depends on your app type:
App typeWhere to put google-services.json
Native Androidapp/google-services.json
React Native Bareandroid/app/google-services.json
React Native ExpoSave it in the Expo project, then set android.googleServicesFile so prebuild copies it to android/app/google-services.json.
Make sure the file name is exactly google-services.json. If your browser downloads google-services (1).json, rename it before using it. This file is not enough for Sendrealm server-side push. Continue to the next step to create the private key Sendrealm needs.

Step 5: Generate The Service Account Private Key

  1. In Firebase, open Project settings.
  2. Open the Service accounts tab.
  3. Click Generate new private key.
  4. Confirm the download.
  5. Save the downloaded JSON file securely.
This JSON file contains service account credentials. Sendrealm uses it to authorize FCM HTTP v1 send requests.

Step 6: Upload The Firebase Key To Sendrealm

In Sendrealm:
  1. Open your project.
  2. Open the app or push provider settings.
  3. Choose Android or Firebase provider settings.
  4. Upload the Firebase service account JSON file.
  5. Save the provider.
After saving, send a test push to an initialized Android device.

Android Values To Check

Before testing Android push, confirm:
  • Firebase project matches the app you ship.
  • Android package name in Firebase exactly matches your app applicationId.
  • Package name casing is identical.
  • Firebase service account belongs to the same Firebase project.
  • The uploaded file is a full JSON private key file.
  • google-services.json is present in the Android app.
  • The Google Services Gradle plugin is applied for native Android and React Native Bare apps.
  • The Android device or emulator has Google Play services.
  • The app has initialized the Sendrealm Android or React Native SDK.
  • Android 13 and newer devices have notification permission granted.

Android Common Mistakes

MistakeResult
Uploading google-services.json instead of service account JSONSendrealm cannot authorize server-side FCM sends.
Forgetting to add google-services.json to the Android appThe app may not have the Firebase Android configuration it needs.
Firebase package name does not match app package nameDevice token registration or delivery can fail.
Testing on emulator without Google Play servicesFCM token may never be created.
Forgetting Android 13 notification permissionToken may register, but notifications may not display.
Using an old deleted service account keySendrealm send attempts fail authorization.

iOS: Create The APNs Key

Use this section for iOS push delivery through Apple Push Notification service.

Step 1: Confirm The App ID And Bundle ID

  1. Open Certificates, Identifiers & Profiles.
  2. Open Identifiers.
  3. Select the App ID for your app.
  4. Confirm the Bundle ID matches your Xcode target.
The Bundle ID is the APNs topic Sendrealm sends to. It must match the app that receives the token. If you do not have an App ID yet, create an explicit App ID with the same Bundle ID used by the app. Do not use a wildcard App ID for push setup. Where to check the Bundle ID:
App typeWhere the Bundle ID normally lives
Native iOSXcode app target, Signing & Capabilities, Bundle Identifier
React Native Bareios/<App>.xcworkspace, app target, Signing & Capabilities
React Native Expoexpo.ios.bundleIdentifier in Expo config

Step 2: Enable Push Notifications On The App ID

Apple must allow the Bundle ID to use APNs.
  1. In Certificates, Identifiers & Profiles, open Identifiers.
  2. Select the App ID for your Bundle ID.
  3. Click Edit.
  4. Enable Push Notifications.
  5. Save and confirm the change.
Apple requires the Account Holder or Admin role to manage App ID capabilities. If you do not see the controls, ask an Apple Developer Account Holder or Admin on your team to do this step. When an App ID capability changes, provisioning profiles that include that App ID can become invalid. If signing starts failing later, refresh automatic signing, regenerate the provisioning profile, or rebuild through EAS with updated credentials.

Step 3: Enable Capabilities In The App

The Apple Developer App ID is the server-side permission. The app target also needs the matching entitlement at build time. For native iOS and React Native Bare:
  1. Open the app project or workspace in Xcode.
  2. Select the main iOS app target.
  3. Open Signing & Capabilities.
  4. Add Push Notifications.
  5. Confirm the Team and Bundle Identifier match the App ID from Step 1.
For React Native Expo:
  1. Confirm expo.ios.bundleIdentifier matches the App ID.
  2. Configure the Sendrealm Expo plugin.
  3. Run npx expo prebuild --platform ios or create a new EAS build.
  4. If the generated native project is committed, open ios/*.xcworkspace and verify the main app target has Push Notifications under Signing & Capabilities.
If your app sends silent pushes or background update notifications, enable background remote notifications:
  • Native iOS and React Native Bare: add Background Modes in Xcode and check Remote notifications.
  • React Native Expo: set ios.enableBackgroundRemoteNotifications to true in the Sendrealm Expo plugin, then rebuild.
If your app sends rich image notifications, add a Notification Service Extension:
  • Native iOS and React Native Bare: add or configure a Notification Service Extension target.
  • React Native Expo: set ios.notificationServiceExtension to true, run prebuild, and rebuild.

Step 4: Create The APNs Private Key

  1. In Certificates, Identifiers & Profiles, open Keys.
  2. Click the add button.
  3. Enter a clear key name, for example Sendrealm Push.
  4. Select Apple Push Notification service.
  5. Click Configure next to Apple Push Notification service.
  6. Choose the environment configuration and key type.
  7. Review the configuration.
  8. Click Confirm.
  9. Download the private key immediately.
Apple saves the private key as a .p8 file. You can only download that same private key once. If you lose it, create a new APNs key and update Sendrealm. The APNs key must have Apple Push Notification service selected. A key created only for another Apple service cannot send notifications through APNs. Apple requires the Account Holder or Admin role to create keys.

Step 5: Choose Team Scoped Or Topic Specific

Apple may let you choose between Team Scoped and Topic Specific APNs keys.
  • Team Scoped is simpler for most teams and can be used across apps owned by the same Apple team.
  • Topic Specific restricts the key to selected bundle IDs.
Use Topic Specific if your security policy requires tighter app-level restriction. If you choose Topic Specific, select the exact Bundle ID from Step 1. Use Team Scoped if you want the simplest setup.

Step 6: Find The APNs Key ID

  1. Open Certificates, Identifiers & Profiles.
  2. Open Keys.
  3. Select the APNs key.
  4. Copy the key identifier shown below the key name.
This is the Key ID value required by Sendrealm.

Step 7: Find The Apple Team ID

Open your Apple Developer account membership details and copy the Team ID for the team that owns the app Bundle ID. The Team ID must belong to the same Apple developer team that owns:
  • The App ID
  • The Bundle ID
  • The APNs key

Step 8: Upload APNs Values To Sendrealm

In Sendrealm:
  1. Open your project.
  2. Open the app or push provider settings.
  3. Choose iOS or APNs provider settings.
  4. Upload the .p8 file.
  5. Enter the Key ID.
  6. Enter the Team ID.
  7. Enter the Bundle ID.
  8. Select the APNs environment.
  9. Save the provider.
After saving, initialize the iOS SDK on a physical device and send a test push.

APNs Sandbox vs Production

APNs has separate sandbox and production environments. The environment must match the build that created the APNs token.
Build typeAPNs environment
Xcode debug or development-signed buildsandbox
Production-signed ad hoc buildproduction
TestFlightproduction
App Storeproduction
If the environment is wrong, the app can successfully register a token, but APNs may reject sends for that token.

iOS Values To Check

Before testing iOS push, confirm:
  • Bundle ID in Sendrealm matches the Xcode app target.
  • Bundle ID in Sendrealm matches expo.ios.bundleIdentifier for Expo apps.
  • App ID has Push Notifications enabled in Apple Developer.
  • Xcode app target has Push Notifications enabled under Signing & Capabilities.
  • Background Modes includes Remote notifications if you send silent/background pushes.
  • A Notification Service Extension is present if you send rich image notifications.
  • Team ID belongs to the team that owns the Bundle ID.
  • Key ID belongs to the uploaded .p8 key.
  • APNs key has Apple Push Notification service enabled.
  • Topic Specific APNs key includes this Bundle ID, if you used Topic Specific.
  • APNs environment matches the build type.
  • The app is running on a physical device.
  • The iOS or React Native SDK forwards APNs token callbacks.
  • The user has granted notification permission.

iOS Common Mistakes

MistakeResult
Using sandbox for TestFlightAPNs rejects production tokens.
Using production for Xcode debug buildsAPNs rejects sandbox tokens.
Wrong Bundle IDAPNs sends to the wrong topic and delivery fails.
Wrong Team IDProvider authentication fails.
Push Notifications not enabled on the App IDThe app may not receive the proper push entitlement.
Push Notifications not enabled in XcodeThe built app is missing the push notification entitlement.
Provisioning profile not refreshed after enabling pushSigning can fail or the app can be built without the expected entitlement.
APNs key created without Apple Push Notification serviceSendrealm cannot authenticate APNs sends with that key.
Topic Specific key does not include the Bundle IDAPNs sends for that app are not authorized by the key.
Missing Background Modes, Remote notificationsSilent/background pushes may not be delivered to the app for background handling.
Missing Notification Service ExtensionRich images cannot be downloaded and attached before display.
Losing the .p8 fileYou must create a new key and update Sendrealm.
Testing on simulatorEnd-to-end APNs testing is unreliable. Use a physical device.

Upload In Sendrealm

The exact dashboard labels may vary, but the provider setup follows this shape:
  1. Open your Sendrealm project.
  2. Open your app settings or push provider settings.
  3. Add or edit the Android provider.
  4. Upload the Firebase service account JSON.
  5. Add or edit the iOS provider.
  6. Upload the APNs .p8 file and enter Key ID, Team ID, Bundle ID, and environment.
  7. Save the provider settings.
  8. Send a test notification to a development device.
If Sendrealm shows validation errors, check that the files were not renamed into unsupported formats and that pasted IDs do not include extra spaces.

Test The Full Flow

Credentials are only one half of push setup. The app must also register a token. For Android:
  1. Install the app on a Google Play device or emulator.
  2. Initialize the Android or React Native SDK.
  3. Request notification permission on Android 13 or newer.
  4. Confirm diagnostics show token presence.
  5. Send a test push from Sendrealm.
For iOS:
  1. Install the app on a physical device.
  2. Initialize the iOS or React Native SDK.
  3. Request notification permission.
  4. Confirm APNs token callbacks are forwarded.
  5. Confirm diagnostics show token presence.
  6. Send a test push from Sendrealm.

Delivery Timing Is Best Effort

Credentials let Sendrealm authenticate with Firebase and APNs. They do not guarantee that every notification appears instantly on every device. After Sendrealm sends a push, final delivery is still affected by:
  • Device network connectivity.
  • Android Doze and App Standby.
  • Android battery optimization and manufacturer-specific background restrictions.
  • Android notification channel settings.
  • FCM priority and throttling behavior.
  • iOS APNs priority.
  • iOS Focus, notification summary, and notification settings.
  • iOS background update throttling.
  • Stale or inactive device tokens.
This means a valid setup can still produce notifications that are delayed, dropped, throttled, collapsed, or hidden by user settings. Test on real devices, check SDK diagnostics, and make sure the app can fetch important state when it opens.

Rotate Credentials

Rotate provider credentials when a key is exposed, when team access changes, or as part of your security policy. For Firebase:
  1. Generate a new service account private key.
  2. Upload the new JSON file to Sendrealm.
  3. Send a test push.
  4. Delete the old service account key in Google Cloud or Firebase once the new key works.
For APNs:
  1. Create and download a new APNs key.
  2. Upload the new .p8, Key ID, Team ID, Bundle ID, and environment to Sendrealm.
  3. Send a test push.
  4. Revoke the old APNs key after traffic has moved to the new key.
Do not revoke the old key before confirming the new key works, unless the old key is actively compromised and must be disabled immediately.

Security Notes

  • Never commit Firebase service account private keys.
  • Never commit APNs .p8 files.
  • Do not send provider private keys through chat, email, or tickets unless your company has an approved secure process.
  • Limit dashboard access to people who need to manage push providers.
  • Rotate credentials after employee offboarding if your policy requires it.
  • Keep a record of which Firebase project and Apple team belong to each Sendrealm app.

Official References