Developer Console

Obtain and Store Your API Key

1. Explore - Know your options 2. Choose - Find a solution 3. Fit - Update your code 4. Verify - Test your app 5. Push - Submit your app

Both Amazon Device Messaging (ADM) and Firebase Cloud Messaging (FCM) require you to be able to uniquely identify your app. With Firebase, you generate a configuration file called google-services.json and add it to your app. With ADM, you must generate an API key and include it in your project. You must also generate OAuth security profile credentials.

The purpose of these credentials are as follows:

  • API key(s). ADM uses an API key to verify your app's identity.
  • OAuth Credentials ("Client ID" and "Client Secret"). ADM uses OAuth credentials to verify your server's identity. Your server presents these credentials to obtain access tokens for sending messages using ADM.

The following instructions provide details on how to obtain your credentials.

Obtain your API key and credentials

  1. Create an account on the Developer Console and add your app, if you haven't already done so.

  2. Go to Apps & Services > My Apps, and then select the app with which you want to use ADM.

  3. In the sidebar, click App Services.

  4. In the Device Messaging section, click Select existing security profile or create new. (If you have already assigned a security profile to your app, expand the Attached security profile and related details section and proceed to step 7.)

  5. To assign a security profile to your app, choose an existing security profile from the Security Profile drop-down menu, or click Create Security Profile to create a new profile. A security profile provides the OAuth credentials that you use when sending messages with ADM.

  6. After selecting an existing security profile, click Enable Security Profile to save your changes.

    A success message appears that says, "Device messaging was successfully enabled on your app using Security Profile Name security profile."

  7. Click the View Security Profile link. Then under Security Profile Management, click Android/Kindle Settings.

  8. Click the Add an API Key button to create an API key. Your app requires one or more API keys.

    • Debug application signature: In all cases, you must create an API key for the debug version of your app to test your app with ADM.

    • Release application signature: If your app uses the Appstore SDK, you must create an additional API key for the release version of your app. If using the older IAP SDK v2.0 and you sign your app using your own certificate, you must also create an API key for the release version of your app. In contrast, if using the IAP SDK v2.0, or no in-app purchasing SDK at all, and you allow Amazon to sign your app on your behalf, you do not need to create an additional API key. For a summary, see the following table.

      Determine if you're required to create an API key for your release app.
      App uses the Appstore SDK App signed with your own certificate API key required?
      Yes
        Yes
        Yes
          No

    To create an API key, you must provide a name for the API key, your app's the package name (for example, com.mycompany.bestapplication), and the MD5 and SHA-256 values of your app's signature:

    • Debug application signature (used for pre-release version of your app): You can obtain the MD5 or SHA-256 signature of the certificate used to sign the debug version of your app by doing one of the following:

      • Locate the keystore file that is used to sign your app, as well as the alias of the certificate within the keystore file used for signing. For example, if the keystore file is named my_key_store and the certificate within the keystore that is used for signing is called my_certificate_alias, you would run the following command:

        {JAVA_HOME}/bin/keytool -list -v -alias my_certificate_alias -keystore my_keystore_file
        

        The output should contain an MD5 or SHA-256 value similar to the following. This is your application signature.

        MD5: 2E:0B:46:F8:D0:4A:06:AC:18:7A:2E:B0:42:95:58:FE`
        
        SHA-256: 34:A3:65:30:3E:B2:9B:30:DD:10:E8:87:79:16:DF:4C:61:77:BC:1F:80:BD:3F:12:39:A3:31:E6:68:19:1C:6F
        
      • Or, if your app is in the form of a signed APK and you are developing on a Unix-like system, you can run the following command instead. Note that you must replace {your-app.apk} with the name of your APK file.

        MD5:

        unzip -p {your-app.apk} META-INF/CERT.RSA | keytool -printcert | grep MD5
        

        SHA-256:

        unzip -p {your-app.apk} META-INF/CERT.RSA | keytool -printcert | grep SHA-256
        
      • Or, if you are using Android Studio, click the Gradle side pane on the right and expand it. Then expand app > Tasks > android and double-click signingReport.

        Provide the MD5 and SHA-256 output that is returned.

    • Release application signature (for the production version of your app):

      • If you sign the release version of your app using your own certificate, provide the MD5 and SHA-256 signature for that certificate to create an additional API key.
      • If you don't use your own certificate, to obtain your MD5 and SHA-256 signature:
        1. Go to the Developer Console.
        2. Select Apps & Services > My Apps.
        3. Select your app.
        4. Go to the Upload Your App File screen.
        5. Select Appstore Certificate Hashes.
      • It's possible you might not need an API key, see the table in Determine if you're required to create an API key for your release app for details.
  9. Click Add.

  10. Obtain Client credentials (required for calling ADM servers). Under Security Profile Management, click the Web Settings tab. You can find the Client ID and Client Secret on this page.

Store your API key

For a pre-release or "debug" version of your app, you must create an API key and store it in your project. To add the API key to your app:

  1. Create a file called api_key.txt located inside your project's assets folder. Placing the file in this specific directory is required.
  2. Insert your API key as the only data in this api_key.txt file.

For a release or "production" version of your app, if your app uses the Appstore SDK, you must create an additional API key for the release version of your app. If using the older IAP SDK v2.0 and you sign your app using your own certificate, you must also create an API key for the release version of your app. In contrast, if using the IAP SDK v2.0, or no in-app purchasing SDK at all, and you allow Amazon to sign your app on your behalf, you do not need to create an additional API key. For a summary, see the table in Determine if you're required to create an API key for your release app.

Next steps

Go to the next step: Registration and Message Handling.


Last updated: Oct 02, 2023