Clarification: App Check quotas

[Andreas B]

In this recently released video (around the 9:20 mark), a suggestion is made to "use Remote Config to gradually roll out the use of App Check" if we "suspect to be onboarding a lot of new users", because attestation providers have daily quotas.

This would be fine if getting a token from the attestation provider was a one-time thing. If I understand the documentation correctly, though, it is not. This doc, for example, explicitly mentions a TTL of app check tokens between 30 minutes and 7 days and that tokens are refreshed at approximately half that duration.

This seems to imply that apps with App Check generally won't be able to support more daily users than the daily quota of the attestation provider (10,000 in case of Safety Net), and likely much less than that if each individual app instance might try to get a new token up to four times per hour.

So, how would a gradual rollout for new users even make a dent here, if everyone is requesting app tokens all the time, anyway? Also, are there any good strategies to work around that quota?

[Rachel Myers]

We have a codelab about how to roll out App Check gradually. It uses App Attest as the attestation service, but the same principles will apply for the other attestation providers: https://firebase.google.com/codelabs/app-attest-remote-config#0

--
You received this message because you are subscribed to the Google Groups "Firebase Google Group" group.
To unsubscribe from this group and stop receiving emails from it, send an email to firebase-tal...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/firebase-talk/df5f962b-3862-4fa5-b206-4d8700c70dd6n%40googlegroups.com.

[Andreas B]

Thanks, but my question is not how to perform a gradual rollout of some feature.  My question is how gradually rolling out App Check would help with staying within the quota of the underlying attestation service, if getting a token from that service is something that happens regularly for any active app installation, anyway.

Basically, what's the difference between updating from an app version without App Check to an app version with App Check, and simply having a published app that uses App Check for all of its (potentially > 10,000) daily users?

[Andreas B]

Addition: For what it's worth, the Codelab refers to Apple's service, which clarifies in its documentation that

> After the initial rollout, your app makes requests only for new users, new devices, and reinstallations.

However, I'm mainly interested in Android, where both Play Integrity and SafetyNet have a quota of 10,000/day, and the documentation does not state that getting a token is something that happens once per installation lifetime, but instead refers to a TTL value of hours or at most 7 days. I assume that this means that there will be requests from every daily user. Am I misunderstanding things here?