Push Credentials setup

1. Enable Firebase Cloud Messaging API

Navigate to https://console.developers.google.com/apis/api/fcm.googleapis.com/overview or in the Google Cloud console search box, type in Firebase Cloud Messaging API and select it from the results list.

Select the Firebase project in question if not already selected and click the Enable button to enable the use of Firebase Cloud Messaging API.

2. Create a limited access role for message creation

Type Roles into the Google Cloud console search box and select the Roles page.

Click + Create role.

Fill in the fields as:

Title: Richie Push

Description: Richie Push

ID: RichiePushRole

Click + Add permissions.

Select the filter field and paste in cloudmessaging.messages.create to filter the results.

Select the cloudmessaging.messages.create permission checkbox and click the Add button.

Click Create to finalize the role creation.

3. Create a service account

Navigate to Service Accounts and click the + Create service account button.

Fill in the fields as:

Service account name: richiepush

Service account ID: richiepush

Service account description: richiepush

Click Create and continue.

Click the Select a role field, type in Richie Push to the search field and select the role.

Click Continue.

Click Done.

4. Add key to the service account

Navigate to the service account's details

Select the service account's Keys tab.

Click Add key, select Create new key and select the type as JSON. Click Create. Your browser will download the key file.

5. Send the key file to us

Send the key file to us in via 1Password sharing, secured Dropbox transfer, encrypted Zip file, encrypted macOS disk image or any other means where the downloaded key file is encrypted on its way to us. Slack and other messaging services are also an option, if necessary.

Send any password to an encrypted file through another medium than the one used to transfer the key file itself.

Delete the key file and copies of it after we've received it.