decodeIntegrityToken(packageName, body=None, x__xgafv=None)

Decodes the integrity token and returns the token payload.

Args:
packageName: string, Package name of the app the attached integrity token belongs to. (required)
body: object, The request body.
The object takes the form of:

{ # Request to decode the integrity token.
"integrityToken": "A String", # Encoded integrity token.
}

x__xgafv: string, V1 error format.
Allowed values
1 - v1 error format
2 - v2 error format

Returns:
An object of the form:

{ # Response containing the decoded integrity payload.
"tokenPayloadExternal": { # Contains basic app information and integrity signals like device attestation and licensing details. # Plain token payload generated from the decoded integrity token.
"accountDetails": { # Contains the account information such as the licensing status for the user in the scope. # Required. Details about the Play Store account.
"accountActivity": { # (Restricted Access) Contains a signal helping apps differentiating between likely genuine and likely non-genuine user traffic. # (Restricted Access) Details about the account activity for the user in the scope.
"activityLevel": "A String", # Required. Indicates the activity level of the account.
},
"appLicensingVerdict": "A String", # Required. Details about the licensing status of the user for the app in the scope.
},
"appIntegrity": { # Contains the application integrity information. # Required. Details about the application integrity.
"appRecognitionVerdict": "A String", # Required. Details about the app recognition verdict
"certificateSha256Digest": [ # The SHA256 hash of the requesting app's signing certificates (base64 web-safe encoded). Set iff app_recognition_verdict != UNEVALUATED.
"A String",
],
"packageName": "A String", # Package name of the application under attestation. Set iff app_recognition_verdict != UNEVALUATED.
"versionCode": "A String", # Version code of the application. Set iff app_recognition_verdict != UNEVALUATED.
},
"deviceIntegrity": { # Contains the device attestation information. # Required. Details about the device integrity.
"deviceRecall": { # Contains the recall bits per device set by the developer. # Details about the device recall bits set by the developer.
"values": { # Contains the recall bits values. # Required. Contains the recall bits values.
"bitFirst": True or False, # Required. First recall bit value.
"bitSecond": True or False, # Required. Second recall bit value.
"bitThird": True or False, # Required. Third recall bit value.
},
"writeDates": { # Contains the recall bits write dates. # Required. Contains the recall bits write dates.
"yyyymmFirst": 42, # Optional. Write time in YYYYMM format (in UTC, e.g. 202402) for the first bit. Note that this value won't be set if the first bit is false.
"yyyymmSecond": 42, # Optional. Write time in YYYYMM format (in UTC, e.g. 202402) for the second bit. Note that this value won't be set if the second bit is false.
"yyyymmThird": 42, # Optional. Write time in YYYYMM format (in UTC, e.g. 202402) for the third bit. Note that this value won't be set if the third bit is false.
},
},
"deviceRecognitionVerdict": [ # Details about the integrity of the device the app is running on.
"A String",
],
"recentDeviceActivity": { # Recent device activity can help developers identify devices that have exhibited hyperactive attestation activity, which could be a sign of an attack or token farming. # Details about the device activity of the device the app is running on.
"deviceActivityLevel": "A String", # Required. Indicates the activity level of the device.
},
},
"environmentDetails": { # Contains information about the environment Play Integrity API runs in, e.g. Play Protect verdict. # Details of the environment Play Integrity API runs in.
"appAccessRiskVerdict": { # Contains signals about others apps on the device which could be used to access or control the requesting app. # The evaluation of the App Access Risk verdicts.
"appsDetected": [ # List of detected app types signalled for App Access Risk.
"A String",
],
"otherApps": "A String", # Deprecated: this field will be removed, please use apps_detected instead. App access risk verdict related to apps that are not installed by Google Play, and are not preloaded on the system image by the device manufacturer.
"playOrSystemApps": "A String", # Deprecated: this field will be removed, please use apps_detected instead. App access risk verdict related to apps that are not installed by the Google Play Store, and are not preloaded on the system image by the device manufacturer.
},
"playProtectVerdict": "A String", # The evaluation of Play Protect verdict.
},
"requestDetails": { # Contains the integrity request information. # Required. Details about the integrity request.
"nonce": "A String", # Nonce that was provided in the request (which is base64 web-safe no-wrap).
"requestHash": "A String", # Request hash that was provided in the request.
"requestPackageName": "A String", # Required. Application package name this attestation was requested for. Note: This field makes no guarantees or promises on the caller integrity. For details on application integrity, check application_integrity.
"timestampMillis": "A String", # Required. Timestamp, in milliseconds, of the integrity application request.
},
"testingDetails": { # Contains additional information generated for testing responses. # Indicates that this payload is generated for testing purposes and contains any additional data that is linked with testing status.
"isTestingResponse": True or False, # Required. Indicates that the information contained in this payload is a testing response that is statically overridden for a tester.
},
},
}

Google Play Integrity API . v1

Instance Methods

Method Details