Setting up an authenticated web service to send push notifications for Windows Phone
November 04, 2013
Applies to: Windows Phone 8 | Windows Phone OS 7.1
We recommend setting up an authenticated web service to send your notifications to the Microsoft Push Notification Service (MPNS) for the following reasons:
Communication using an authenticated web service occurs over HTTPS and offers better security than an unauthenticated web service, which uses HTTP.
There is no daily limit on the number of push notifications an authenticated web service can send. Unauthenticated web services, on the other hand, are throttled at a rate of 500 push notifications per subscription, per day.
While developing your web service, you may want to test the HTTPS interface and mutual authentication between your web service and the MPNS. To do this, complete the following steps to upload a Transport Layer Security (TLS) certificate to your account on Dev Center:
Sign in to your account on Dev Center.
Go to your account settings.
Select Certificates and then follow the instructions to upload the certificate.
The TLS certificate uploaded to Dev Center must meet the following criteria:
The Key-Usage value of the TLS certificate must be set to include client authentication.
The root Certificate Authority (CA) of the certificate must be one of the CAs listed at SSL root certificates for Windows Phone OS 7.1. Use this list whether your app is for Windows Phone OS 7.1 or Windows Phone 8.
After the certificate has been uploaded, do the following steps to use the authenticated channel:
Set Service Name to the Common Name (CN) found in the certificate's Subject value.
Install the TLS certificate on your web service and enable HTTP client authentication.
Your web service initially is authenticated for four months after the certificate is uploaded. When you’re finished developing your app, submit it to Dev Center and make sure to select the appropriate TLS certificate during submission. When your app passes certification and is published on Dev Center, the four-month authentication limit will be removed.
For steps you can take to implement no-quota (unthrottled) push notifications for your Windows Phone app using Microsoft Push Notification Services (MPNS), see No-quota push notifications using a root Certificate Authority. Implementing no-quota push notifications means that your app will not be restricted by a daily limit of push notifications.