// Guide for setting up and using Firebase Authentication. Use this skill when the user's app requires user sign-in, user management, or secure data access using auth rules.
| name | firebase-auth-basics |
| description | Guide for setting up and using Firebase Authentication. Use this skill when the user's app requires user sign-in, user management, or secure data access using auth rules. |
| compatibility | This skill is best used with the Firebase CLI, but does not require it. Firebase CLI can be accessed through `npx -y firebase-tools@latest`. |
npx -y firebase-tools@latest projects:create (see firebase-basics).firebase-basics).Firebase Authentication provides backend services, easy-to-use SDKs, and ready-made UI libraries to authenticate users to your app.
A user is an entity that can sign in to your app. Each user is identified by a unique ID (uid) which is guaranteed to be unique across all providers.
User properties include:
uid: Unique identifier.email: User's email address (if available).displayName: User's display name (if available).photoURL: URL to user's photo (if available).emailVerified: Boolean indicating if the email is verified.Firebase Auth supports multiple ways to sign in:
Google Sign In is recommended as a good and secure default provider.
When a user signs in, they receive an ID Token (JWT). This token is used to identify the user when making requests to Firebase services (Realtime Database, Cloud Storage, Firestore) or your own backend.
Only Google Sign In, anonymous auth, and email/password auth can be enabled via CLI. For other providers, use the Firebase Console.
Configure Firebase Authentication in firebase.json by adding an 'auth' block:
{
"auth": {
"providers": {
"anonymous": true,
"emailPassword": true,
"googleSignIn": {
"oAuthBrandDisplayName": "Your Brand Name",
"supportEmail": "support@example.com",
"authorizedRedirectUris": ["https://example.com", "http://localhost"]
}
}
}
}
[!NOTE] If the Google Sign-In popup opens and immediately closes with the error
[firebase_auth/unauthorized-domain], it means the domain is not authorized. For local development, ensurelocalhostis included in the Authorized Domains list in the Firebase Console or via theauthorizedDomainsfield infirebase.json. CRITICAL: Do NOT include the protocol or port number in the Authorized Domains list (e.g., uselocalhost, NOThttp://localhost:9090).
CRITICAL: After configuring firebase.json, you MUST deploy the auth configuration to the Firebase backend for the changes to take effect. This is essential for auth providers like Google Sign-In, email/password, etc. to auto-generate the necessary OAuth clients for your app platforms. Run:
npx -y firebase-tools@latest deploy --only auth
Enable other providers in the Firebase Console.
Web See references/client_sdk_web.md.
Flutter See references/flutter_setup.md. Android (Kotlin) See references/client_sdk_android.md.
Secure your data using request.auth in Firestore/Storage rules.
Comprehensive guide for Firebase Remote Config, including template management and SDK usage. Use this skill when the user needs help setting up Remote Config, managing feature flags, or updating app behavior dynamically.
Sets up, manages, and executes queries against Cloud Firestore database instances. You MUST unconditionally activate this skill if you plan to use Firestore in any way. Use when listing or creating Firestore databases, configuring security rules, designing data models, writing client SDK queries, or checking indexes.
Comprehensive guide for Firebase Crashlytics, including provisioning and SDK usage. Use this skill when the user needs help setting up Crashlytics, adding crash reporting, or using the Crashlytics SDK in their application.
Provides foundational setup, authentication, and project management workflows for Firebase using the Firebase CLI. Use when checking Firebase CLI version (must use 'npx -y firebase-tools@latest --version'), initializing a Firebase environment, authenticating, setting active projects, or setting up `google-services.json` or `GoogleService-Info.plist` files.
Builds and deploys Firebase SQL Connect (aka Firebase Data Connect) backends with PostgreSQL securely. Use when designing schemas with tables and relations, writing authorized queries and mutations, configuring real-time data updates, or generating type-safe SDKs. Use when you need a relational database with Firebase, or when the user mentions SQL Connect or Data Connect.
Official skill for integrating Firebase AI Logic (Gemini API) into web applications. Covers setup, multimodal inference, structured output, and security.