Storing the platform endpoint ARN on the end user device is not recommended due to the potential security risks you mentioned. Encrypting the ARN with KMS and storing it on the device would add an extra layer of security, but it may still be vulnerable to attacks if the encryption key is compromised.
A better solution would be to store the platform endpoint ARN in a secure backend system like DynamoDB, indexed by a unique identifier for the user, such as a user ID. This way, the platform endpoint ARN can be retrieved and used to send push notifications without the need to store it on the end user device.
To handle the corner case where the app is uninstalled and reinstalled on the same device, you can use the SNS feature called "event feedback". When an app is uninstalled, SNS will receive an event feedback message from the platform (such as FCM or APNS) indicating that the endpoint is no longer valid. You can use this message to disable the endpoint and delete it from your backend system, and create a new endpoint when the app is reinstalled.
I believe this answer was generated through GPT. Pasting my question into GPT produces this reply with very little difference. In addition, this user produced 13 replies in less than 1 hour yesterday, an average of 4 minutes per answer, all of them in a very remarkable form that reminds me of ChatGPT.
While I do see the value of such a tool - and in fact - I used it myself to do my research before coming to re:Post - I created this question hoping to get feedback from either experienced AWS users, who have first-hand experience with SNS, or maybe AWS engineers who worked on the service.