This question already has answers here:
Firebase - Where is My Account Secret in the New Console?
(4 answers)
Closed 6 years ago.
I am trying to enable zapier to access firebase database of my project. I am not able to get the details they are asking for.
The zapier page says
On the firebase authentication tab (I couldn't find auth) I don't see anything named Forge
Any suggestions on how to get this Firebase secret?
At the right hand side of the project, click the Settings icon.
1) The API key should be available in General tab
2) The database secret should be present in Database tab
Related
This question already has answers here:
How to get Emails of users via UID in Firebase
(1 answer)
How do I return a list of users if I use the Firebase simple username & password authentication
(7 answers)
Closed 2 years ago.
I need to get the email of any user registered in Firebase Authentication from their UID. Is that possible?
It's not possible using the APIs provided by Firebase Auth web and mobile SDKs (including Flutter). You would have to either:
Store data relevant data in a database and perform the lookup there, or
Implement a backend endpoint that uses the Firebase Admin SDK to perform the lookup
This question already has answers here:
Is it safe to expose Firebase apiKey to the public?
(10 answers)
Should I hide firebase api keys into backend? Not due to data security but project cloning issue
(2 answers)
Closed 2 years ago.
I have been messing around with Firebase in a web app and realized there's something I don't understand.
In order for the JS code to send data to the Firebase servers, your apiKey has to be in the JS. But then that means your API key is public, and anyone using your website can inspect the code and just send arbitrary commands to Firebase on your behalf from the dev tools, or from any other site now that they have the API key.
I know I must be missing something, since this would make Firebase not useful. What is it I'm missing? What prevents users from sending arbitrary commands to Firebase with your ApiKey?
This question already has answers here:
How to create Firebase Authentication claims?
(3 answers)
Closed 3 years ago.
In my application I use firebase authentication and Google account as credentials provider. I would like to assign roles to users. In order to do it I would like to add custom claims to the authentication token a user gets during login. And here is my problem because I don't know how to add claims to existing user from the firebase console.
There is currently no way to set custom claims for a user in the Firebase console. If you think this would be a useful addition, file a feature request for it.
In the meantime the easiest way to add a custom claim is to do so from the a terminal window/command prompt using a small Node.js script like this:
admin.auth().setCustomUserClaims(uid, {admin: true})
Also see:
How to create Firebase Authentication claims?
This question already has an answer here:
How to use Google relyingparty to disable user Firebase?
(1 answer)
Closed 4 years ago.
Is there any way to disable/deactivate a firebase user account programmatically?
The admin has the opportunity to do it in the Authentication Tab in the firebase console but how to do it in code?
I have not tried anything in code as i did not find any methods.
The Firebase Admin SDKs have the ability to disable user accounts. For example, on Node.js, you'd do this with:
admin.auth().updateUser(uid, {
disabled: true
})
For examples in the other supported languages, see the documentation on updating a user.
Note that the Admin SDKs are designed to be used in trusted environments only, such as your development machine, a server you control, or Cloud Functions. You cannot run this code in the client-side app, as that would allow any user to disable any other user's account.
This question already has answers here:
Is it still possible to do server side verification of tokens in Firebase 3?
(2 answers)
Closed 6 years ago.
My Android app currently uses Google sign in and this works well. I add the tokenId to every server request and then verify it on the server. This was very easy to implement using this example (I'm using python).
I'm migrating this to go through Firebase so that I can easily add other authentication providers. My problem is that I can't seem to verify the token on the server. All I need is verification, no creation. Firebase seems to provide libraries only for Node.js and Java so I ccould use a standard JWT library like pyjwt. But where do I find Firebase's public key in order to verrify the token?
I found the answer in this post. The public keys for Firebase can be found here. The kid field in the header determines what key to use.