I'm looking for out-of-the-box signup and sign-in solution. Based on my research AWS Cognito provides the solution. Custom hosted UI, self-sign-up with configurable required fields.
Does Google Firebase or Google Cloud as a whole have similar functionality? Especially self-sign-up flow with configurable required fields.
I see with Google Firebase email/password authentication provider available for sign-in. but I don't see self sign up process where I can configure the required field during the sign-up process.
Firebase Authentication is the sign-in solution from Firebase. In addition to SDK for Firebase's supported platforms, it comes with a pre-built UI for the most common platforms: web, Android, iOS and Flutter.
The number of pre-defined fields for a user is quite limited though, see for example the definition here for a web user. There is no way to expand this within Firebase Authentication. If you want to store more information for each user, you'll typically do that in one of Firebase's databases (Firestore or Realtime Database) with the user ID as the key for that information.
Related
It is possible to use Google Identity Platform and Firebase Auth concurrently in the same project without upgrading my email/password users in Firebase Auth to Google Identity Platform and having to pay for those users?
Attempting to use Google Identity Platform seems to force me to move all my users in Firebase Auth over to it.
As far as I know it is indeed not possible to use Google Cloud's Identity Platform and Firebase Authentication on a single project. You'll have to pick one, and use that for the entire project.
The only alternative I can think of is setting up separate projects for each, and accessing the specific project for the type of user. But in that scenario you'll have to deal with data migration and probably more nasty situations.
Update: since June 2022 the upgrade to Identity Platform is available directly within Firebase. While this optional upgrade does switch you to a different pricing plan which is no longer unlimited, it comes with a generous free tier of 50,000 MAU (monthly active users).
For more on this see the announcement blog post MFA, Blocking functions, and more come to Firebase Authentication and the documentation section on Firebase Authentication with Identity Platform.
I am currently working on a big software project that makes use of Firebase services. Especially Firebase Cloud Firestore, Firebase Storage, and Firebase Auth is used.
Multiple teams in one project
Teams can create their instance of the app to use the features of the app. From a technical standpoint, it is important to know that everything happens through one single Firebase project. Teams are not separated into multiple projects. From a feature standpoint, this is mandatory.
The authentication process
Admins of a team can manage the experience for the users of their team. They should also be able to modify the login methods and e.g. set up individual data to their Microsoft Azure AD account or Google Enterprise account. After a successful setup users of the team should be able to sign in with the prepared auth method by their team admin.
Possible approach
All available auth methods are enabled, set up, and ready to use (E-Mail, Google, Twitter, Microsoft, etc.). When a user opens the app and wants to sign in, the app checks which auth methods are enabled by the team admin and presents the appropriate UI.
Problem: Microsoft AD
Unfortunately, the metadata and values needed for Microsoft AD are set by the team admins and are different for every team. How can this be solved?
I see firebase has no server authentication API's added in the Firebase Admin but has only user management (CreateUser and UpdateUser).
Firebase only offers signin through client libraries where it depends on Google Identity Platform (https://www.googleapis.com/identitytoolkit/v3/relyingparty/verifyPassword)
After exploring further I ended up finding Firebase Auth REST API over (Implemented it too and works great) here.
This API reference is great for implementing Auth through REST API and avoiding dependency on client libraries. As this helps in having complete server side authentication through cloud functions.
Coming to the pricing, Firebase mentions that Auth costs nothing where as Google Identity platforms has really high pricing.
So would like to know what Firebase team has to say on this or any one who explored this.
I want to develop an Ionic app for android and ios using firebase backend.
Requirement:
1. I want to use anonymous authentication silently so that user does not have to be worry about login.
2. I just want to display list of some items on the home page using Firestore api.
Question/Problem:
1. How does firebase will get to know that only the my app using the firestore get api.
2. If I am storing api credentials/secrets in my android app and if other user somehow knows these credentials, will that person be able to use api on behalf of my credentials and I will not be able to track the usage.
Top Level:
If someone know my firebase api credentials/secrets, will that person be able to utilize my firebase quota in case I am using firebase anonymous authentication.
Thanks in advance.
The settings you use to initialize the Firebase SDK are not "secrets". It's all very much public information that identifies your app from all the other Firebase apps out there. Every Firebase app has a similar set of public data. Once you publish your app, you should assume that everyone is able to see that data.
This means that anyone can use that data. That's why it's important to use Firebase Authentication along with security rules to make sure that people logged in can only make use of whatever resources you specify. That's the only way to lock down the data in your Firebase project. If you are concerned about security, then you should be thinking about your security rules from the very beginning.
If one day I would have to replace Firebase with custom solution can I migrate authorized users from Firebase Auth to my system?
I am aware that Firebase allows to export all user data using Firebase Admin SDK but I'm curious about behavior of identity providers (Facebook, Google and Twitter). If my custom system would use the same providers API keys as Firebase Auth what would happen to my users?
Thanks for any help !
Firebase Auth provide a CLI SDK to download your accounts:
https://firebase.google.com/docs/cli/auth#authexport
Firebase Auth uses SCRYPT to hash passwords. If you decide to migrate, you can also contact Firebase support to help you with the process.
As for linked OAuth providers, you can still implement that in your own system as the OAuth flow is a well known standard and the users should be portable. In general, Firebase Auth architecture is based on open standards and protocols that are widely used in the industry. The advantage is that Firebase Auth manages all that complexity for you for free.