I've correctly implemented notification through Firebase Cloud Messaging.
I'm now seeking to how to secure it.
I think it's better to hide connections infos, you know, this firebaseConfig :
const app = initializeApp(firebaseConfig);
And the vapid key used with the getToken function :
getToken(messaging, {vapidKey: '\_key\_'});
How to secure it, prevent attacks to Firebase FCM like sending mass notification or receiving other's personal notifications ?
OK, so, thanks to Frank van Puffelen who answered me, I understood that vapid public key and firebaseConfig infos are used for identification client side, not security/authentification. Thanks Frank !