Naar console

firebase_admin.auth module

Firebase Authentication module.

This module contains functions for minting and verifying JWTs used for authenticating against Firebase services. It also provides functions for creating and managing user accounts in Firebase projects.

Exceptions

exception firebase_admin.auth.CertificateFetchError(message, cause)

Bases: firebase_admin.exceptions.UnknownError

Failed to fetch some public key certificates required to verify a token.

exception firebase_admin.auth.EmailAlreadyExistsError(message, cause, http_response)

Bases: firebase_admin.exceptions.AlreadyExistsError

The user with the provided email already exists.

default_message = 'The user with the provided email already exists'
exception firebase_admin.auth.ExpiredIdTokenError(message, cause)

Bases: firebase_admin._auth_utils.InvalidIdTokenError

The provided ID token is expired.

exception firebase_admin.auth.ExpiredSessionCookieError(message, cause)

Bases: firebase_admin._token_gen.InvalidSessionCookieError

The provided session cookie is expired.

exception firebase_admin.auth.InsufficientPermissionError(message, cause, http_response)

Bases: firebase_admin.exceptions.PermissionDeniedError

The credential used to initialize the SDK lacks required permissions.

default_message = 'The credential used to initialize the SDK has insufficient permissions to perform the requested operation. See https://firebase.google.com/docs/admin/setup for details on how to initialize the Admin SDK with appropriate permissions'
exception firebase_admin.auth.InvalidDynamicLinkDomainError(message, cause, http_response)

Bases: firebase_admin.exceptions.InvalidArgumentError

Dynamic link domain in ActionCodeSettings is not authorized.

default_message = 'Dynamic link domain specified in ActionCodeSettings is not authorized'
exception firebase_admin.auth.InvalidIdTokenError(message, cause=None, http_response=None)

Bases: firebase_admin.exceptions.InvalidArgumentError

The provided ID token is not a valid Firebase ID token.

default_message = 'The provided ID token is invalid'
exception firebase_admin.auth.InvalidSessionCookieError(message, cause=None)

Bases: firebase_admin.exceptions.InvalidArgumentError

The provided string is not a valid Firebase session cookie.

exception firebase_admin.auth.PhoneNumberAlreadyExistsError(message, cause, http_response)

Bases: firebase_admin.exceptions.AlreadyExistsError

The user with the provided phone number already exists.

default_message = 'The user with the provided phone number already exists'
exception firebase_admin.auth.RevokedIdTokenError(message)

Bases: firebase_admin._auth_utils.InvalidIdTokenError

The provided ID token has been revoked.

exception firebase_admin.auth.RevokedSessionCookieError(message)

Bases: firebase_admin._token_gen.InvalidSessionCookieError

The provided session cookie has been revoked.

exception firebase_admin.auth.TokenSignError(message, cause)

Bases: firebase_admin.exceptions.UnknownError

Unexpected error while signing a Firebase custom token.

exception firebase_admin.auth.UidAlreadyExistsError(message, cause, http_response)

Bases: firebase_admin.exceptions.AlreadyExistsError

The user with the provided uid already exists.

default_message = 'The user with the provided uid already exists'
exception firebase_admin.auth.UnexpectedResponseError(message, cause=None, http_response=None)

Bases: firebase_admin.exceptions.UnknownError

Backend service responded with an unexpected or malformed response.

exception firebase_admin.auth.UserNotFoundError(message, cause=None, http_response=None)

Bases: firebase_admin.exceptions.NotFoundError

No user record found for the specified identifier.

default_message = 'No user record found for the given identifier'

Classes

class firebase_admin.auth.ActionCodeSettings(url, handle_code_in_app=None, dynamic_link_domain=None, ios_bundle_id=None, android_package_name=None, android_install_app=None, android_minimum_version=None)

Bases: object

Contains required continue/state URL with optional Android and iOS settings. Used when invoking the email action link generation APIs.

class firebase_admin.auth.ErrorInfo(error)

Bases: object

Represents an error encountered while importing an ImportUserRecord.

index
reason
class firebase_admin.auth.ExportedUserRecord(data)

Bases: firebase_admin._user_mgt.UserRecord

Contains metadata associated with a user including password hash and salt.

password_hash

The user’s password hash as a base64-encoded string.

If the Firebase Auth hashing algorithm (SCRYPT) was used to create the user account, this is the base64-encoded password hash of the user. If a different hashing algorithm was used to create this user, as is typical when migrating from another Auth system, this is an empty string. If no password is set, or if the service account doesn’t have permission to read the password, then this is None.

password_salt

The user’s password salt as a base64-encoded string.

If the Firebase Auth hashing algorithm (SCRYPT) was used to create the user account, this is the base64-encoded password salt of the user. If a different hashing algorithm was used to create this user, as is typical when migrating from another Auth system, this is an empty string. If no password is set, or if the service account doesn’t have permission to read the password, then this is None.

class firebase_admin.auth.ImportUserRecord(uid, email=None, email_verified=None, display_name=None, phone_number=None, photo_url=None, disabled=None, user_metadata=None, provider_data=None, custom_claims=None, password_hash=None, password_salt=None)

Bases: object

Represents a user account to be imported to Firebase Auth.

Must specify the uid field at a minimum. A sequence of ImportUserRecord objects can be passed to the auth.import_users() function, in order to import those users into Firebase Auth in bulk. If the password_hash is set on a user, a hash configuration must be specified when calling import_users().

Parameters:
  • uid – User’s unique ID. Must be a non-empty string not longer than 128 characters.
  • email – User’s email address (optional).
  • email_verified – A boolean indicating whether the user’s email has been verified (optional).
  • display_name – User’s display name (optional).
  • phone_number – User’s phone number (optional).
  • photo_url – User’s photo URL (optional).
  • disabled – A boolean indicating whether this user account has been disabled (optional).
  • user_metadata – An auth.UserMetadata instance with additional user metadata (optional).
  • provider_data – A list of auth.UserProvider instances (optional).
  • custom_claims – A dict of custom claims to be set on the user account (optional).
  • password_hash – User’s password hash as a bytes sequence (optional).
  • password_salt – User’s password salt as a bytes sequence (optional).
Raises:

ValueError – If provided arguments are invalid.

to_dict()

Returns a dict representation of the user. For internal use only.

custom_claims
display_name
email
password_hash
password_salt
phone_number
photo_url
provider_data
uid
user_metadata
class firebase_admin.auth.ListUsersPage(download, page_token, max_results)

Bases: object

Represents a page of user records exported from a Firebase project.

Provides methods for traversing the user accounts included in this page, as well as retrieving subsequent pages of users. The iterator returned by iterate_all() can be used to iterate through all users in the Firebase project starting from this page.

get_next_page()

Retrieves the next page of user accounts, if available.