APNs Trusted | Token-Based Connection to APNs

https://developer.apple.com/documentation/usernotifications/setting_up_a_remote_notification_server/establishing_a_token-based_connection_to_apns

 

Secure your communications with Apple Push Notification service (APNs) by using stateless authentication tokens.

 

First, obtain an encryption key and a Key ID from your Apple Developer account. After successful registration, you receive the Key ID as a 10-character string and an authentication token signing key as a file with the .p8 extension.

 

Use the sgcWebSockets JWT Client to generate a JWT with ES256 as the algorithm. Do not generate a new token for every HTTP/2 request: the token must not be refreshed before 20 minutes and not after 60 minutes.

 

Configure JWT Client

Configure the JWT Client with the following values:

 

 

Token-based connections require sending the apns-topic header with the value of your app's bundle ID/app ID (example: com.example.application).


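// HTTP/2 client that connects to APNs over TLS (OpenSSL)
oHTTP := TsgcHTTP2Client.Create(nil);
oHTTP.TLSOptions.IOHandler := iohOpenSSL;

// JWT client that signs the provider token with ES256
oJWT := TsgcHTTP_JWT_Client.Create(nil);
oHTTP.Authentication.Token.JWT := oJWT;
oJWT.JWTOptions.Header.alg := jwtES256;
oJWT.JWTOptions.Header.kid := 'apple key id';
oJWT.JWTOptions.Payload.iss := 'issuer';
oJWT.JWTOptions.Payload.iat := StrToInt64(GetDateTimeUnix(Now, False));
// Signing key (.p8 file) downloaded from the Apple Developer account
oJWT.JWTOptions.Algorithms.ES.PrivateKey.LoadFromFile('AuthKey_**.p8');
// 60*40 = 2400, i.e. 40 minutes in seconds: inside the 20 to 60 minute window
oJWT.JWTOptions.RefreshTokenAfter := 60*40;

// apns-topic carries the app's bundle ID
oHTTP.Request.CustomHeaders.Clear;
oHTTP.Request.CustomHeaders.Add('apns-topic: com.example.application');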
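
To check a provider token against the rules above (ES256, a 10-character Key ID, an issuer, and an iat age inside the 20 to 60 minute window), the following added example decodes the JWT and reports what is wrong and whether it may be refreshed. It is not sgcWebSockets code: the function names and the action labels are assumptions made for illustration, the sample token is constructed, and the signature is not verified.

```python
import base64
import json
import time

MIN_REFRESH_AGE = 20 * 60  # page: no refresh before 20 minutes
MAX_TOKEN_AGE = 60 * 60    # page: no refresh after 60 minutes

def b64url_decode(part):
    # JWT parts drop base64 padding; restore it before decoding
    return base64.urlsafe_b64decode(part + "=" * (-len(part) % 4))

def sample_token(header, claims):
    """Constructed sample; the third part is a placeholder, not a real signature."""
    enc = lambda o: base64.urlsafe_b64encode(json.dumps(o).encode()).rstrip(b"=").decode()
    return ".".join([enc(header), enc(claims), "cGxhY2Vob2xkZXI"])

def check_provider_token(token, now=None):
    """Return (action, problems) for a provider token; hypothetical helper."""
    now = int(time.time()) if now is None else now
    parts = token.split(".")
    if len(parts) != 3:
        return "regenerate", ["not a three-part JWT"]
    try:
        header, claims = (json.loads(b64url_decode(p)) for p in parts[:2])
    except ValueError:  # covers bad base64, bad UTF-8 and bad JSON
        return "regenerate", ["header or payload is not base64url JSON"]
    if not (isinstance(header, dict) and isinstance(claims, dict)):
        return "regenerate", ["header and payload must be JSON objects"]
    problems = []
    if header.get("alg") != "ES256":
        problems.append("alg must be ES256")
    if len(str(header.get("kid", ""))) != 10:
        problems.append("kid must be the 10-character Key ID")
    if not claims.get("iss"):
        problems.append("iss is missing")
    iat = claims.get("iat")
    if type(iat) is not int:
        problems.append("iat must be an integer Unix time in seconds")
    elif iat > now:
        # typical causes: milliseconds instead of seconds, or local time used as UTC
        problems.append("iat is in the future")
    elif now - iat > MAX_TOKEN_AGE:
        problems.append("token is older than 60 minutes")
    if problems:
        return "regenerate", problems
    # Valid token: keep it for 20 minutes, after that a refresh is permitted
    return ("reuse" if now - iat < MIN_REFRESH_AGE else "refresh-allowed"), []
```
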