Setting up an authenticated web service to send push notifications for Windows Phone 8

  • Article

[ This article is for Windows Phone 8 developers. If you’re developing for Windows 10, see the latest documentation. ]

We recommend setting up an authenticated web service to send your notifications to the Microsoft Push Notification Service (MPNS) for the following reasons:

  • Communication using an authenticated web service occurs over HTTPS and offers better security than an unauthenticated web service, which uses HTTP.

  • There is no daily limit on the number of push notifications an authenticated web service can send. Unauthenticated web services, on the other hand, are throttled at a rate of 500 push notifications per subscription, per day.

Authenticating your web service

While developing your web service, you may want to test the HTTPS interface and mutual authentication between your web service and the MPNS. To do this, complete the following steps to upload a Transport Layer Security (TLS) certificate to your account on Dev Center:

  1. Sign in to your account on Dev Center.

  2. Go to your account settings.

  3. Select Certificates and then follow the instructions to upload the certificate.

Important Note:

The TLS certificate uploaded to Dev Center must meet the following criteria:

  • The Key-Usage value of the TLS certificate must be set to include client authentication.

  • The root Certificate Authority (CA) of the certificate must be one of the CAs listed at SSL root certificates for Windows Phone OS 7.1. Use this list whether your app is for Windows Phone OS 7.1 or Windows Phone 8.

After the certificate has been uploaded, do the following steps to use the authenticated channel:

  1. Set Service Name to the Common Name (CN) found in the certificate's Subject value.

  2. Install the TLS certificate on your web service and enable HTTP client authentication.

Your web service will be authenticated until the certificate uploaded to Dev Center expires. When you’re finished developing your app, submit it to Dev Center and make sure to select the appropriate TLS certificate during submission.

For steps you can take to implement no-quota (unthrottled) push notifications for your Windows Phone app using Microsoft Push Notification Services (MPNS), see No-quota push notifications using a root Certificate Authority. Implementing no-quota push notifications means that your app will not be restricted by a daily limit of push notifications.

See Also

Other Resources

Sending push notifications for Windows Phone 8