FIRAuth

@interface FIRAuth : NSObject

Manages authentication for Firebase apps. This class is thread-safe.

  • Gets the auth object for the default Firebase app. Thread safe.

    Declaration

    Swift

    class func auth() -> FIRAuth?

    Objective-C

    + (nullable FIRAuth *)auth;
  • Gets the auth object for a FIRApp.

    Declaration

    Swift

    /*not inherited*/ init?(app: FIRApp)

    Objective-C

    + (nullable FIRAuth *)authWithApp:(nonnull FIRApp *)app;

    Parameters

    app

    The FIRApp for which to retrieve the associated FIRAuth instance.

    Return Value

    The FIRAuth instance associated with the given FIRApp.

  • app

    Gets the FIRApp object that this auth object is connected to.

    Declaration

    Swift

    weak var app: FIRApp? { get }

    Objective-C

    @property (readonly, nonatomic, nullable) FIRApp *app;
  • Synchronously gets the cached current user, or null if there is none.

    Declaration

    Swift

    var currentUser: FIRUser? { get }

    Objective-C

    @property (readonly, strong, nonatomic, nullable) FIRUser *currentUser;
  • Please access auth instances using FIRAuth.auth and FIRAuth.authForApp:.

    Declaration

    Objective-C

    - (nonnull instancetype)init;
  • Fetches the list of IdPs that can be used for signing in with the provided email address. Useful for an identifier-first sign-in flow.

    Possible error codes:

    • FIRAuthErrorCodeInvalidEmail - Indicates the email address is malformed.

    See FIRAuthErrors for a list of error codes that are common to all API methods.

    Declaration

    Swift

    func fetchProviders(forEmail email: String, completion: FIRProviderQueryCallback? = nil)

    Objective-C

    - (void)fetchProvidersForEmail:(nonnull NSString *)email
                        completion:(nullable FIRProviderQueryCallback)completion;

    Parameters

    email

    The email address for which to obtain a list of identity providers.

    completion

    Optionally; a block which is invoked when the list of providers for the specified email address is ready or an error was encountered. Invoked asynchronously on the main thread in the future.

  • Signs in using an email address and password.

    Possible error codes:

    • FIRAuthErrorCodeOperationNotAllowed - Indicates that email and password accounts are not enabled. Enable them in the Auth section of the Firebase console.
    • FIRAuthErrorCodeUserDisabled - Indicates the user’s account is disabled.
    • FIRAuthErrorCodeWrongPassword - Indicates the user attempted sign in with an incorrect password.
    • FIRAuthErrorCodeInvalidEmail - Indicates the email address is malformed.

    See FIRAuthErrors for a list of error codes that are common to all API methods.

    Declaration

    Swift

    func signIn(withEmail email: String, password: String, completion: FIRAuthResultCallback? = nil)

    Objective-C

    - (void)signInWithEmail:(nonnull NSString *)email
                   password:(nonnull NSString *)password
                 completion:(nullable FIRAuthResultCallback)completion;

    Parameters

    email

    The user’s email address.

    password

    The user’s password.

    completion

    Optionally; a block which is invoked when the sign in flow finishes, or is canceled. Invoked asynchronously on the main thread in the future.

  • Asynchronously signs in to Firebase with the given 3rd-party credentials (e.g. a Facebook login Access Token, a Google ID Token/Access Token pair, etc.)

    Possible error codes:

    • FIRAuthErrorCodeInvalidCredential - Indicates the supplied credential is invalid. This could happen if it has expired or it is malformed.
    • FIRAuthErrorCodeOperationNotAllowed - Indicates that accounts with the identity provider represented by the credential are not enabled. Enable them in the Auth section of the Firebase console.
    • FIRAuthErrorCodeEmailAlreadyInUse - Indicates the email asserted by the credential (e.g. the email in a Facebook access token) is already in use by an existing account, that cannot be authenticated with this sign-in method. Call fetchProvidersForEmail for this user’s email and then prompt them to sign in with any of the sign-in providers returned. This error will only be thrown if the One account per email address setting is enabled in the Firebase console, under Auth settings. Please note that the error code raised in this specific situation may not be the same on Web and Android.
    • FIRAuthErrorCodeUserDisabled - Indicates the user’s account is disabled.
    • FIRAuthErrorCodeWrongPassword - Indicates the user attempted sign in with an incorrect password, if credential is of the type EmailPasswordAuthCredential.
    • FIRAuthErrorCodeInvalidEmail - Indicates the email address is malformed.

    See FIRAuthErrors for a list of error codes that are common to all API methods.

    Declaration

    Swift

    func signIn(with credential: FIRAuthCredential, completion: FIRAuthResultCallback? = nil)

    Objective-C

    - (void)signInWithCredential:(nonnull FIRAuthCredential *)credential
                      completion:(nullable FIRAuthResultCallback)completion;

    Parameters

    credential

    The credential supplied by the IdP.

    completion

    Optionally; a block which is invoked when the sign in flow finishes, or is canceled. Invoked asynchronously on the main thread in the future.

  • Asynchronously creates and becomes an anonymous user. - parameter: completion Optionally; a block which is invoked when the sign in finishes, or is canceled. Invoked asynchronously on the main thread in the future.

    If there is already an anonymous user signed in, that user will be returned instead. If there is any other existing user signed in, that user will be signed out.

    Possible error codes:

    • FIRAuthErrorCodeOperationNotAllowed - Indicates that anonymous accounts are not enabled. Enable them in the Auth section of the Firebase console.

    See FIRAuthErrors for a list of error codes that are common to all API methods.

    Declaration

    Swift

    func signInAnonymously(completion: FIRAuthResultCallback? = nil)

    Objective-C

    - (void)signInAnonymouslyWithCompletion:
        (nullable FIRAuthResultCallback)completion;

    Parameters

    completion

    Optionally; a block which is invoked when the sign in finishes, or is canceled. Invoked asynchronously on the main thread in the future.

  • Asynchronously signs in to Firebase with the given Auth token.

    Possible error codes:

    • FIRAuthErrorCodeInvalidCustomToken - Indicates a validation error with the custom token.
    • FIRAuthErrorCodeCustomTokenMismatch - Indicates the service account and the API key belong to different projects.

    See FIRAuthErrors for a list of error codes that are common to all API methods.

    Declaration

    Swift

    func signIn(withCustomToken token: String, completion: FIRAuthResultCallback? = nil)

    Objective-C

    - (void)signInWithCustomToken:(nonnull NSString *)token
                       completion:(nullable FIRAuthResultCallback)completion;

    Parameters

    token

    A self-signed custom auth token.

    completion

    Optionally; a block which is invoked when the sign in finishes, or is canceled. Invoked asynchronously on the main thread in the future.

  • Creates and, on success, signs in a user with the given email address and password.

    Possible error codes:

    • FIRAuthErrorCodeInvalidEmail - Indicates the email address is malformed.
    • FIRAuthErrorCodeEmailAlreadyInUse - Indicates the email used to attempt sign up already exists. Call fetchProvidersForEmail to check which sign-in mechanisms the user used, and prompt the user to sign in with one of those.
    • FIRAuthErrorCodeOperationNotAllowed - Indicates that email and password accounts are not enabled. Enable them in the Auth section of the Firebase console.
    • FIRAuthErrorCodeWeakPassword - Indicates an attempt to set a password that is considered too weak. The NSLocalizedFailureReasonErrorKey field in the NSError.userInfo dictionary object will contain more detailed explanation that can be shown to the user.

    See FIRAuthErrors for a list of error codes that are common to all API methods.

    Declaration

    Swift

    func createUser(withEmail email: String, password: String, completion: FIRAuthResultCallback? = nil)

    Objective-C

    - (void)createUserWithEmail:(nonnull NSString *)email
                       password:(nonnull NSString *)password
                     completion:(nullable FIRAuthResultCallback)completion;

    Parameters

    email

    The user’s email address.

    password

    The user’s desired password.

    completion

    Optionally; a block which is invoked when the sign up flow finishes, or is canceled. Invoked asynchronously on the main thread in the future.

  • Resets the password given a code sent to the user outside of the app and a new password for the user.

    Possible error codes:

    • FIRAuthErrorCodeWeakPassword - Indicates an attempt to set a password that is considered too weak.
    • FIRAuthErrorCodeOperationNotAllowed - Indicates the administrator disabled sign in with the specified identity provider.
    • FIRAuthErrorCodeExpiredActionCode - Indicates the OOB code is expired.
    • FIRAuthErrorCodeInvalidActionCode - Indicates the OOB code is invalid.

    See FIRAuthErrors for a list of error codes that are common to all API methods.

    Declaration

    Swift

    func confirmPasswordReset(withCode code: String, newPassword: String, completion: @escaping FIRConfirmPasswordResetCallback)

    Objective-C

    - (void)confirmPasswordResetWithCode:(nonnull NSString *)code
                             newPassword:(nonnull NSString *)newPassword
                              completion:(nonnull FIRConfirmPasswordResetCallback)
                                             completion;

    Parameters

    newPassword

    The new password.

    completion

    Optionally; a block which is invoked when the request finishes. Invoked asynchronously on the main thread in the future.

  • Checks the validity of an out of band code.

    Declaration

    Swift

    func checkActionCode(_ code: String, completion: @escaping FIRCheckActionCodeCallBack)

    Objective-C

    - (void)checkActionCode:(nonnull NSString *)code
                 completion:(nonnull FIRCheckActionCodeCallBack)completion;

    Parameters

    code

    The out of band code to check validity.

    completion

    Optionally; a block which is invoked when the request finishes. Invoked asynchronously on the main thread in the future.

  • Checks the validity of a verify password reset code.

    Declaration

    Swift

    func verifyPasswordResetCode(_ code: String, completion: @escaping FIRVerifyPasswordResetCodeCallback)

    Objective-C

    - (void)verifyPasswordResetCode:(nonnull NSString *)code
                         completion:
                             (nonnull FIRVerifyPasswordResetCodeCallback)completion;

    Parameters

    code

    The password reset code to be verified.

    completion

    Optionally; a block which is invoked when the request finishes. Invoked asynchronously on the main thread in the future.

  • Applies out of band code.

    This method will not work for out of band codes which require an additional parameter, such as password reset code.

    Declaration

    Swift

    func applyActionCode(_ code: String, completion: @escaping FIRApplyActionCodeCallback)

    Objective-C

    - (void)applyActionCode:(nonnull NSString *)code
                 completion:(nonnull FIRApplyActionCodeCallback)completion;

    Parameters

    code

    The out of band code to be applied.

    completion

    Optionally; a block which is invoked when the request finishes. Invoked asynchronously on the main thread in the future.

  • Initiates a password reset for the given email address.

    Possible error codes:

    • FIRAuthErrorCodeInvalidRecipientEmail - Indicates an invalid recipient email was sent in the request.
    • FIRAuthErrorCodeInvalidSender - Indicates an invalid sender email is set in the console for this action.
    • FIRAuthErrorCodeInvalidMessagePayload - Indicates an invalid email template for sending update email.

    Declaration

    Swift

    func sendPasswordReset(withEmail email: String, completion: FIRSendPasswordResetCallback? = nil)

    Objective-C

    - (void)sendPasswordResetWithEmail:(nonnull NSString *)email
                            completion:
                                (nullable FIRSendPasswordResetCallback)completion;

    Parameters

    email

    The email address of the user.

    completion

    Optionally; a block which is invoked when the request finishes. Invoked asynchronously on the main thread in the future.

  • Signs out the current user.

    Possible error codes:

    • FIRAuthErrorCodeKeychainError - Indicates an error occurred when accessing the keychain. The NSLocalizedFailureReasonErrorKey field in the NSError.userInfo dictionary will contain more information about the error encountered.

    Declaration

    Swift

    func signOut() throws

    Objective-C

    - (BOOL)signOut:(NSError *_Nullable *_Nullable)error;

    Parameters

    error

    Optionally; if an error occurs, upon return contains an NSError object that describes the problem; is nil otherwise.

    Return Value

    @YES when the sign out request was successful. @NO otherwise.

  • Registers a block as an auth state did change listener. To be invoked when:

    • The block is registered as a listener,
    • The current user changes, or,
    • The current user’s access token changes.

    The block is invoked immediately after adding it according to it’s standard invocation semantics, asynchronously on the main thread. Users should pay special attention to making sure the block does not inadvertently retain objects which should not be retained by the long-lived block. The block itself will be retained by FIRAuth until it is unregistered or until the FIRAuth instance is otherwise deallocated.

    Declaration

    Swift

    func addStateDidChangeListener(_ listener: @escaping FIRAuthStateDidChangeListenerBlock) -> FIRAuthStateDidChangeListenerHandle

    Objective-C

    - (nonnull FIRAuthStateDidChangeListenerHandle)addAuthStateDidChangeListener:
        (nonnull FIRAuthStateDidChangeListenerBlock)listener;

    Parameters

    listener

    The block to be invoked. The block is always invoked asynchronously on the main thread, even for it’s initial invocation after having been added as a listener.

    Return Value

    A handle useful for manually unregistering the block as a listener.

  • Unregisters a block as an auth state did change listener.

    Declaration

    Swift

    func removeStateDidChangeListener(_ listenerHandle: FIRAuthStateDidChangeListenerHandle)

    Objective-C

    - (void)removeAuthStateDidChangeListener:
        (nonnull FIRAuthStateDidChangeListenerHandle)listenerHandle;

    Parameters

    listenerHandle

    The handle for the listener.