How does push notification and VAPID keys work?
Hello, was reading a bit about push notification on PWA. From what I've understood, our browser never sends push notification directly to our app. The idea is, our browser sends it to a push service and then the push service delivers it to a server that will then delivers it back to us?
Can someone confirm if the flow I gave is correct please.
I also read that during the exchange between browser to push service and push service to web server, we have the signing of keys, public and private VAPID keys.
From what I've understood, our browser tells the push service who we are. Then server side, the server signs back with its private keys to make sure that we are the one who we claim to be and sends the message.
This is where I'm a bit confused.
Why can't we use just a single public key? What's the job of the private key here?
Can someone confirm if the flow I gave is correct please.
I also read that during the exchange between browser to push service and push service to web server, we have the signing of keys, public and private VAPID keys.
From what I've understood, our browser tells the push service who we are. Then server side, the server signs back with its private keys to make sure that we are the one who we claim to be and sends the message.
This is where I'm a bit confused.
Why can't we use just a single public key? What's the job of the private key here?
A friendly place for developers to meet other devs, ask questions, get help, and just have a good time 🙂.
36,263Members
Resources
Similar Threads
Was this page helpful?
