After you add the App Check SDK to your app, but before you enable
App Check enforcement, you should make sure that doing so won't disrupt your
existing legitimate users.
For Cloud Functions, you can get App Check metrics by examining your
functions' logs. Every invocation of a callable function emits a structured log
entry like the following example:
{
"severity": "INFO", // INFO, WARNING, or ERROR
"logging.googleapis.com/labels": {"firebase-log-type": "callable-request-verification"},
"jsonPayload": {
"message": "Callable header verifications passed.",
"verifications": {
// ...
"app": "MISSING", // VALID, INVALID, or MISSING
}
}
}
You can analyze these metrics in the Google Cloud console by
creating a
logs-based counter metric
with the following metric filter:
resource.type="cloud_function"
resource.labels.function_name="
YOUR_CLOUD_FUNCTION
"
resource.labels.region="us-central1"
labels.firebase-log-type="callable-request-verification"
Label the metric
using the field
jsonPayload.verifications.appCheck
.
Next steps
When you understand how App Check will affect your users and you're ready to
proceed, you can
enable App Check enforcement
for Cloud Functions.