Firebase Authentication
Firebase Authentication provides backend services, easy-to-use SDKs, and ready-made UI libraries to authenticate users to your app. It supports authentication using passwords, phone numbers, popular federated identity providers like Google, Facebook and Twitter, and more.
Firebase Authentication integrates tightly with other Firebase services, and it leverages industry standards like OAuth 2.0 and OpenID Connect, so it can be easily integrated with your custom backend.
Key capabilities
You can sign in users to your Firebase app either by using FirebaseUI as a complete drop-in auth solution or by using the Firebase Authentication SDK to manually integrate one or several sign-in methods into your app.
| FirebaseUI Auth | |
|---|---|
| Drop-in authentication solution |
The recommended way to add a complete sign-in system to your app. FirebaseUI provides a drop-in auth solution that handles the UI flows for signing in users with email addresses and passwords, phone numbers, and with popular federated identity providers, including Google Sign-In and Facebook Login. The FirebaseUI Auth component implements best practices for authentication on mobile devices and websites, which can maximize sign-in and sign-up conversion for your app. It also handles edge cases like account recovery and account linking that can be security sensitive and error-prone to handle correctly. FirebaseUI can be easily customized to fit in with the rest of your app's visual style, and it is open source, so you aren't constrained in realizing the user experience you want. |
| Firebase SDK Authentication | |||||||||
|---|---|---|---|---|---|---|---|---|---|
| Email and password based authentication | Authenticate users with their email addresses and passwords. The Firebase Authentication SDK provides methods to create and manage users that use their email addresses and passwords to sign in. Firebase Authentication also handles sending password reset emails. |
||||||||
| Federated identity provider integration | Authenticate users by integrating with federated identity providers. The Firebase Authentication SDK provides methods that allow users to sign in with their Google, Facebook, Twitter, and GitHub accounts.
|
||||||||
| Phone number authentication | Authenticate users by sending SMS messages to their phones. |
||||||||
| Custom auth system integration |
Connect your app's existing sign-in system to the Firebase Authentication SDK and gain access to Firebase Realtime Database and other Firebase services. |
||||||||
| Anonymous auth | Use features that require authentication without requiring users to sign in first by creating temporary anonymous accounts. If the user later chooses to sign up, you can upgrade the anonymous account to a regular account, so the user can continue where they left off. |
||||||||
How does it work?
To sign a user into your app, you first get authentication credentials from the user. These credentials can be the user's email address and password, or an OAuth token from a federated identity provider. Then, you pass these credentials to the Firebase Authentication SDK. Our backend services will then verify those credentials and return a response to the client.
After a successful sign in, you can access the user's basic profile information, and you can control the user's access to data stored in other Firebase products. You can also use the provided authentication token to verify the identity of users in your own backend services.
Note: By default, authenticated users can read and write data to the Firebase Realtime Database and Cloud Storage. You can control the access of those users by modifying your Firebase Realtime Database and Cloud Storage Security Rules.
Implementation paths
| Using FirebaseUI Auth | ||
|---|---|---|
| Set up sign-in methods | For email address and password or phone number sign-in and any federated identity providers you want to support, enable them in the Firebase console and complete any configuration required by the identity provider, such as setting your OAuth redirect URL. | |
| Customize the sign-in UI | You can customize the sign-in UI by setting FirebaseUI options, or fork the code on GitHub to customize the sign-in experience further. | |
| Use FirebaseUI to perform the sign-in flow | Import the FirebaseUI library, specify the sign-in methods you want to support, and initiate the FirebaseUI sign-in flow. | |
| Using the Firebase Authentication SDK | ||
|---|---|---|
| Set up sign-in methods | For email address and password or phone number sign-in and any federated identity providers you want to support, enable them in the Firebase console and complete any configuration required by the identity provider, such as setting your OAuth redirect URL. | |
| Implement UI flows for your sign-in methods | For email address and password sign-in, implement a flow that prompts users to type their email addresses and passwords. For phone number sign-in, create a flow that prompts users for their phone number, and then for the code from the SMS message they receive. For federated sign-in, implement the flow required by each provider. | |
| Pass the user's credentials to the Firebase Authentication SDK | Pass the user's email address and password or the OAuth token that was acquired from the federated identity provider to the Firebase Authentication SDK. | |
What's next
Learn more about users in a Firebase project, then see the integration guides for the sign-in providers you want to support: