Connect a custom domain

You don't have to give up your unique, brand-centric domain names with Firebase Hosting. You can use a custom domain (like yourdomain.com or app.yourdomain.com) instead of a Firebase-generated domain for your Firebase-hosted site.

Firebase Hosting provisions an SSL certificate, signed by Let's Encrypt, for each of your domains and serves your content over a global CDN.

The rest of this document walks you through these steps to connect your custom domain.

Set up your domain for Hosting

Make sure that you've completed the "Get Started" wizard from your project's Firebase Hosting page so that you have a Firebase Hosting site in your Firebase project.

Step 1: Add domain

From your project's Hosting page, enter the wizard for connecting a custom domain:
- If you have only one Hosting site, click Connect domain.
- If you have more than one Hosting site, click View for the desired site, then click Connect domain.
Enter the custom domain name that you'd like to connect to your Hosting site.
(Optional) Check the box to redirect all requests on the custom domain to a second specified domain (such that yourdomain.com and www.yourdomain.com redirect to the same content).
Click Continue to initiate the validation process.

Step 2: Verify domain ownership

If requested in the Connect Domain setup wizard, verify your apex domain.

These steps ensure that your domain is not already linked with a Firebase project and that you own the specified domain.

In your domain provider's site, locate the DNS management page.
Add and save a new record with the following inputs:
- Type: Add a TXT record.
  
  Firebase Hosting requires that you keep this TXT record continually present in your DNS settings to prove your ownership of the domain and to authorize Firebase to assign and renew SSL certificates for your site.
  
  Your domain provider may list this term as "Record Type".
- Host: Enter your apex domain key.
  
  Proving your ownership of an apex domain, or root domain, proves your ownership of all its subdomains.
  
  Your domain provider may list this term as "Host Name", "Name", or "Domain".
- Value: Copy the unique verification value into the field.
  
  Firebase Hosting checks for this value to prove your domain ownership.
  
  Your domain provider may list this term as "Data".
Allow up to 24 hours for propagation of your updated TXT records, then click Verify.

Note that you may click Cancel to safely close the Connect Domain window and reopen at a later time. This does not affect the propagation time, but you will be prompted to re-enter your domain name when you reopen the window.

After ample propagation time, clicking Verify in the Connect Domain window of the Firebase console allows you to begin the SSL certificate provisioning process.

In most cases, propagation of your records and verification of your domain will happen within a few hours, depending on your domain provider. Refer to your domain provider's documentation for detailed instructions for adding TXT records and propagation times.

If clicking Verify prompts an error message, your records have not propagated or your values may be incorrect.

Step 3: Go live

In the Connect Domain window of the Firebase console, select Quick Setup for a new site or Advanced Setup if you already have a site running on another hosting provider and need a zero-downtime migration.

Quick Setup

Return to your domain name provider's DNS management site to create DNS A records pointing your page to Firebase Hosting. Add and save records with the following inputs:

Type: Add two DNS A records.
Host: Enter your custom domain key for both records.

The host you indicate is the domain on which you want to serve content; this domain can be an apex domain or subdomain.

Your domain provider may list this term as "Host Name", "Name", or "Domain".

Value: Assign one value to each DNS A record to point your domain to the specified IP addresses.

Allow time for your SSL certificate to be provisioned. This may take up to 24 hours after you point your A records to Firebase Hosting. In most cases, propagation of your records and provisioning of your SSL cerificate will happen within a few hours, depending on your domain provider.

Advanced Setup

The Connect Domain window of the Firebase console will request that you provide a token to migrate your existing site. You only need to complete one of the following to provide the token:

Update DNS TXT records: Visit your domain provider's DNS management site. Add a TXT record with your domain key and the provided value.
Upload a file to an existing site: Upload the token onto your existing site at the specified URL and verify its existence.

Allow time for your SSL certificate to be provisioned. This may take up to 24 hours. In most cases, propagation of your records and provisioning of your SSL certificate will happen within a few hours, depending on your domain provider.
After your SSL certificate is provisioned, return to your DNS provider's DNS management site to add DNS A records pointing your page to Firebase Hosting. Add and save records with the following inputs:

Type: Add two DNS A records.
Host: Enter your custom domain key for both records.

The host you indicate is the domain on which you want to serve content; this domain can be an apex domain or subdomain.

Your domain provider may list this term as "Host name", "Name", or "Domain".

Value: Assign one value to each DNS A record to point your domain to the specified IP addresses.

Wait for SSL certificate provisioning

After we verify domain ownership, we provision an SSL certificate for your domain and deploy it across our global CDN within 24 hours after you point your DNS A records to Firebase Hosting.

Your domain will be listed as one of the Subject Alternative Names (SAN) in the FirebaseApp SSL certificate. You can view this certificate using the browser's security tools. While the domain is provisioning, you might see an invalid certificate that does not include your domain name. This is a normal part of the process and will resolve after your domain's certificate is available.

For Advanced Setup users, your website will be hosted by your previous hosting provider until the setup status in your project's Firebase Hosting page updates to Connected.

Your custom domain key

When adding or editing DNS records, different domain providers expect you to enter different inputs for the Host field within their DNS management sites. We've compiled common inputs from popular providers below. Refer to your domain provider's documentation for more detailed instructions.

Domain type Custom domain key

Domain type	Custom domain key
Apex domain	Common inputs include: `@` The apex domain name (`yourdomain.com`) Leaving the Host field blank
Subdomain	Common inputs include: The subdomain name (`app.yourdomain.com`) Solely the subdomain portion (`app`, leaving out `.yourdomain.com`) A common use case is inputting `www` as your key for the subdomain `www.yourdomain.com`

Apex domain

Common inputs include:

@
The apex domain name (yourdomain.com)
Leaving the Host field blank

Subdomain

Common inputs include:

The subdomain name (app.yourdomain.com)
Solely the subdomain portion (app, leaving out .yourdomain.com)
- A common use case is inputting www as your key for the subdomain www.yourdomain.com

Setup status descriptions for custom domains

Status	Description
Needs setup	You may need to change a configuration with your DNS records. In most cases, your DNS A records haven't propagated from your domain name provider to Firebase Hosting servers. Troubleshooting tip: If it's been more than 24 hours, check that you've pointed your records to Firebase Hosting. In rarer cases, especially if you're using the Advanced Setup flow, SSL challenges might be failing because: Your DNS records have A records or CNAME records that point to other hosting providers. Troubleshooting tip: Check that your A records point only to Firebase Hosting, and remove all CNAME records. Migration failed, and the token (DNS TXT records or uploaded file provided to your site) is now invalid. Troubleshooting tip: Click View for the domain, then provide the new token to your existing domain.
Pending	You correctly set up your custom domain, but Firebase Hosting hasn't provisioned an SSL certificate. Occasionally, the following issues can stall the minting of an SSL certificate for a custom domain: Your CAA records are too restrictive. Troubleshooting tip: Ensure that the certificate authority Let's Encrypt is allowed to create SSL certs for your domain. Your challenge code is invalid. If you're using the Advanced Setup flow and migration failed, your token (and its challenge code) are now invalid. Troubleshooting tip: Click View for the domain, then provide the new token to your existing domain. You requested certs for too many subdomains. Troubleshooting tip: Generally, Firebase Hosting recommends no more than 20 subdomains on one apex custom domain, due to SSL certificate minting limits.
Connected	Your custom domain has the proper DNS records and has an SSL certificate. You can serve your site's content.
Needs Re-Verification	Firebase may require you to manually re-verify your domain ownership if either of the following situations happen: The TXT record added when you initially verified your domain ownership was altered or removed from your domain's DNS settings. Note that multiple TXT records with a google-site-verification token are allowed on a single domain. We require that the TXT record is continually present in your DNS settings as this proves you own the domain and authorize us to assign and renew SSL certificates for your site. The person that proved ownership of the domain was removed as a member of your Firebase project. Troubleshooting tip: Visit your project's Hosting page to complete the re-verification process within the specified time window (usually 30 days) to avoid your custom domain from being automatically disconnected from Firebase Hosting.