VAPID Key Generator
Generate a VAPID key pair for Web Push Notifications. Keys are generated in your browser and never leave this page.
Click Generate to create VAPID keys// This tool generates keys client-side using WebCrypto. Store keys securely in your backend for production use.
What are VAPID Keys?
VAPID (Voluntary Application Server Identification) is a protocol that allows your application server to identify itself to push services when sending web push notifications.
VAPID keys are a public-private key pair used to authenticate your server with push services like Firebase Cloud Messaging (FCM), Apple Push Notification service, and others. They ensure that only authorized servers can send push notifications to your users.
Public Key
Shared with the browser when a user subscribes to push notifications. It identifies your application to the push service and is included in the subscription object.
Private Key
Kept secret on your server. Used to sign requests when sending push notifications, proving that the requests come from your authorized application server.
Why VAPID Keys are Required
- Authenticates your server with push services, preventing unauthorized notifications
- Required by most modern push services including FCM and browser vendors
- Provides a secure way to identify your application without sharing credentials
- Enables push services to contact you if there are issues with your notifications
Security Note: Store your private key securely on your backend server. Never expose it in client-side code or public repositories. The keys generated on this page are created entirely in your browser and never leave this page.
Learn more about Web Push & VAPID
VAPID (Voluntary Application Server Identification) authenticates your server with push services. These links cover the fundamentals and best practices.