How to integrate a google service account in a firebase project directly? - firebase

I am trying to integrate a google service account to a firebase project for a web application.
How can I integrate it to firebase project directly(to the backend) so that I can use APIs without API-key

By using Firebase in your project, you get access to a set of client-side APIs that you can use directly in your application without needing to include the Google Service Account. Most Firebase products rely on a separate user-authentication mechanism, and their own server-side security rules language to control what data each user has access to. So there should be no need to include the Google Service Account credentials in your application code.
If you have a specific Google API for which no Firebase SDK exists, you can call that API from something like Cloud Functions. In Cloud Functions you can securely use your service account, and then expose just the required functionality to your application code.

Related

Create a secured API using Firebase

I have created an API with Firebase using Cloud Functions. GET and POST endpoints are deploeyd.
A client application is registered on the project and can access it callable functions.
I would like other client applications (using their own separate Firebase project) being able to access the API too.
However, I am concerned regarding security.
If I create HTTPS endpoints for those applications, anyone having the URL will be able to use the API ?
And if I manage to restrict access only to those authorized apps, can I allow/restrict only specific endpoints (only GET endpoints, for example)?

Will I be able to use my Firebase FCM account if the application is under a different play store account?

I am working on a Whitelabel mobile app project, and I require the ability to use Firebase FCM. The majority of the applications are in our own Google Play Account, but a few are on a client's separate Google Play Account.
Is it possible to use the same Firebase FCM account for both Google Play Account's applications? Or will I need to have the external account provision the Firebase app resource on their end and give us the JSON config file?

Do I have to enable Firebase if I want to connect to my Cloud Firestore database from outside of Google cloud products?

Till now I was using service account to connect to my Firestore database (Firebase is not enabled) from within Google products like Cloud Functions or Colab.
Now I need to connect to Firestore from html page opened in my browser. Is it possible without enabling Firebase?
Yes, the Google Cloud Firestore NodeJS SDK is meant to be used on server side only. You can use Firebase Web SDK along with Firebase Authentication and Firebase Security Rules to support serverless app architectures where clients connect directly to your Firestore database.
You don't necessarily have to use Firebase Auth. However, it might be a good idea to restrict access and allow only public content to be accessible without authentication.
You can follow the quickstart in the documentation to setup the client SDK.

Question regarding using both Firebase and REST APIs in application

I have been creating a flutter app and am using firebase for authentication.
Is it possible and best practice to use the firebase only for the authentication and use REST APIs via http package for the CRUD operations instead of using cloud firestore?
Yes, it sure is possible, and common. If you want to send the user credentials to your backend for verification, you should use the Firebase Admin SDK to verify a user ID token.

Firebase Admin SDK create user using providers

I am trying to create a REST API for my app using Firebase Cloud Functions. I know how to use Admin SDK in Cloud Functions. It does have API to createUser. My front end app lets users sign in using Google and Facebook but I am not sure how to put it all together.
My app has successfully implemented Sign in with Google and Sign in with Facebook but how and what data do I transfer over to Cloud Functions (or any REST API Server for that matter) so that it could create a user in Firebase with appropriate provider.
Update for more explanation
I am creating an app for iOS and Android with some sort of cloud based backend. Right now I am experimenting with Firebase but I do not intend to tightly couple my apps to Firebase and hence do not want to pull Firebase-iOS and Firebase-Android SDKs into my app code. I want the ability and freedom to switch my backend over to AWS or Azure without changing frontend code.
The one (and only?) way is to create a server that will expose REST API endpoints and do the work on my behalf that usually SDK does. To achieve this, I am using Cloud Functions but that shouldn't matter as long as I have API to talk to actual cloud.
After putting that explanation, now my question is how do I let my users login to app using external providers like Google and Facebook and still achieve what I am trying to do. When I let users sign in with providers, I do not have their password to send to backend to create a new email/password user.
The sample code that best illustrates what you want to do here on GitHub.
It shows how to create an Express app that handles HTTP request pages. Learn more about Express to configure it for wildcards are needed.
It accepts and checks authentication tokens in HTTP requests from Firebase Authentication to validate the end user responsible for the request.

Resources