Firebase Authentication
Functions
| Function | Description |
|---|---|
| function(app, ...) | |
| getAuth(app) | Returns the Auth instance associated with the provided FirebaseApp. If no instance exists, initializes an Auth instance with platform-specific default dependencies. |
| initializeAuth(app, deps) | Initializes an Auth instance with fine-grained control over Dependencies. |
| function(storage, ...) | |
| getReactNativePersistence(storage) | Returns a persistence object that wraps AsyncStorage imported from react-native or @react-native-community/async-storage, and can be used in the persistence dependency field in initializeAuth(). |
| function(auth, ...) | |
| applyActionCode(auth, oobCode) | Applies a verification code sent to the user by email or other out-of-band mechanism. |
| beforeAuthStateChanged(auth, callback, onAbort) | Adds a blocking callback that runs before an auth state change sets a new user. |
| checkActionCode(auth, oobCode) | Checks a verification code sent to the user by email or other out-of-band mechanism. |
| confirmPasswordReset(auth, oobCode, newPassword) | Completes the password reset process, given a confirmation code and new password. |
| connectAuthEmulator(auth, url, options) | Changes the Auth instance to communicate with the Firebase Auth Emulator, instead of production Firebase Auth services. |
| createUserWithEmailAndPassword(auth, email, password) | Creates a new user account associated with the specified email address and password. |
| fetchSignInMethodsForEmail(auth, email) | Gets the list of possible sign in methods for the given email address. This method returns an empty list when Email Enumeration Protection is enabled, irrespective of the number of authentication methods available for the given email. |
| getMultiFactorResolver(auth, error) | Provides a MultiFactorResolver suitable for completion of a multi-factor flow. |
| getRedirectResult(auth, resolver) | Returns a UserCredential from the redirect-based sign-in flow. |
| initializeRecaptchaConfig(auth) | Loads the reCAPTCHA configuration into the Auth instance. |
| isSignInWithEmailLink(auth, emailLink) | Checks if an incoming link is a sign-in with email link suitable for signInWithEmailLink(). |
| onAuthStateChanged(auth, nextOrObserver, error, completed) | Adds an observer for changes to the user's sign-in state. |
| onIdTokenChanged(auth, nextOrObserver, error, completed) | Adds an observer for changes to the signed-in user's ID token. |
| revokeAccessToken(auth, token) | Revokes the given access token. Currently only supports Apple OAuth access tokens. |
| sendPasswordResetEmail(auth, email, actionCodeSettings) | Sends a password reset email to the given email address. This method does not throw an error when there's no user account with the given email address and Email Enumeration Protection is enabled. |
| sendSignInLinkToEmail(auth, email, actionCodeSettings) | Sends a sign-in email link to the user with the specified email. |
| setPersistence(auth, persistence) | Changes the type of persistence on the Auth instance for the currently saved Auth session and applies this type of persistence for future sign-in requests, including sign-in with redirect requests. |
| signInAnonymously(auth) | Asynchronously signs in as an anonymous user. |
| signInWithCredential(auth, credential) | Asynchronously signs in with the given credentials. |
| signInWithCustomToken(auth, customToken) | Asynchronously signs in using a custom token. |
| signInWithEmailAndPassword(auth, email, password) | Asynchronously signs in using an email and password. |
| signInWithEmailLink(auth, email, emailLink) | Asynchronously signs in using an email and sign-in email link. |
| signInWithPhoneNumber(auth, phoneNumber, appVerifier) | Asynchronously signs in using a phone number. |
| signInWithPopup(auth, provider, resolver) | Authenticates a Firebase client using a popup-based OAuth authentication flow. |
| signInWithRedirect(auth, provider, resolver) | Authenticates a Firebase client using a full-page redirect flow. |
| signOut(auth) | Signs out the current user. |
| updateCurrentUser(auth, user) | Asynchronously sets the provided user as Auth.currentUser on the Auth instance. |
| useDeviceLanguage(auth) | Sets the current language to the default device/browser preference. |
| validatePassword(auth, password) | Validates the password against the password policy configured for the project or tenant. |
| verifyPasswordResetCode(auth, code) | Checks a password reset code sent to the user by email or other out-of-band mechanism. |
| function(link, ...) | |
| parseActionCodeURL(link) | Parses the email action link string and returns an ActionCodeURL if the link is valid, otherwise returns null. |
| function(user, ...) | |
| deleteUser(user) | Deletes and signs out the user. |
| getIdToken(user, forceRefresh) | Returns a JSON Web Token (JWT) used to identify the user to a Firebase service. |
| getIdTokenResult(user, forceRefresh) | Returns a deserialized JSON Web Token (JWT) used to identify the user to a Firebase service. |
| linkWithCredential(user, credential) | Links the user account with the given credentials. |
| linkWithPhoneNumber(user, phoneNumber, appVerifier) | Links the user account with the given phone number. |
| linkWithPopup(user, provider, resolver) | Links the authenticated provider to the user account using a pop-up based OAuth flow. |
| linkWithRedirect(user, provider, resolver) | Links the OAuthProvider to the user account using a full-page redirect flow. |
| multiFactor(user) | The MultiFactorUser corresponding to the user. |
| reauthenticateWithCredential(user, credential) | Re-authenticates a user using a fresh credential. |
| reauthenticateWithPhoneNumber(user, phoneNumber, appVerifier) | Re-authenticates a user using a fresh phone credential. |
| reauthenticateWithPopup(user, provider, resolver) | Reauthenticates the current user with the specified OAuthProvider using a pop-up based OAuth flow. |
| reauthenticateWithRedirect(user, provider, resolver) | Reauthenticates the current user with the specified OAuthProvider using a full-page redirect flow. |
| reload(user) | Reloads user account data, if signed in. |
| sendEmailVerification(user, actionCodeSettings) | Sends a verification email to a user. |
| unlink(user, providerId) | Unlinks a provider from a user account. |
| updateEmail(user, newEmail) | Updates the user's email address. |
| updatePassword(user, newPassword) | Updates the user's password. |
| updatePhoneNumber(user, credential) | Updates the user's phone number. |
| updateProfile(user, { displayName, photoURL: photoUrl }) | Updates a user's profile data. |
| verifyBeforeUpdateEmail(user, newEmail, actionCodeSettings) | Sends a verification email to a new email address. |
| function(userCredential, ...) | |
| getAdditionalUserInfo(userCredential) | Extracts provider specific AdditionalUserInfo for the given credential. |
Classes
| Class | Description |
|---|---|
| ActionCodeURL | A utility class to parse email action URLs such as password reset, email verification, email link sign in, etc. |
| AuthCredential | Interface that represents the credentials returned by an AuthProvider. |
| EmailAuthCredential | Interface that represents the credentials returned by EmailAuthProvider for ProviderId.PASSWORD |
| EmailAuthProvider | Provider for generating EmailAuthCredential. |
| FacebookAuthProvider | Provider for generating an OAuthCredential for ProviderId.FACEBOOK. |
| GithubAuthProvider | Provider for generating an OAuthCredential for ProviderId.GITHUB. |
| GoogleAuthProvider | Provider for generating an OAuthCredential for ProviderId.GOOGLE. |
| OAuthCredential | Represents the OAuth credentials returned by an OAuthProvider. |
| OAuthProvider | Provider for generating generic OAuthCredential. |
| PhoneAuthCredential | Represents the credentials returned by PhoneAuthProvider. |
| PhoneAuthProvider | Provider for generating an PhoneAuthCredential. |
| PhoneMultiFactorGenerator | Provider for generating a PhoneMultiFactorAssertion. |
| RecaptchaVerifier | An reCAPTCHA-based application verifier. |
| SAMLAuthProvider | An AuthProvider for SAML. |
| TotpMultiFactorGenerator | Provider for generating a TotpMultiFactorAssertion. |
| TotpSecret | Provider for generating a TotpMultiFactorAssertion.Stores the shared secret key and other parameters to generate time-based OTPs. Implements methods to retrieve the shared secret key and generate a QR code URL. |
| TwitterAuthProvider | Provider for generating an OAuthCredential for ProviderId.TWITTER. |
Interfaces
| Interface | Description |
|---|---|
| ActionCodeInfo | A response from checkActionCode(). |
| ActionCodeSettings | An interface that defines the required continue/state URL with optional Android and iOS bundle identifiers. |
| AdditionalUserInfo | A structure containing additional user information from a federated identity provider. |
| ApplicationVerifier | A verifier for domain verification and abuse prevention. |
| Auth | Interface representing Firebase Auth service. |
| AuthError | Interface for an Auth error. |
| AuthErrorMap | A mapping of error codes to error messages. |
| AuthProvider | Interface that represents an auth provider, used to facilitate creating AuthCredential. |
| AuthSettings | Interface representing an Auth instance's settings. |
| Config | Interface representing the Auth config. |
| ConfirmationResult | A result from a phone number sign-in, link, or reauthenticate call. |
| Dependencies | The dependencies that can be used to initialize an Auth instance. |
| EmulatorConfig | Configuration of Firebase Authentication Emulator. |
| IdTokenResult | Interface representing ID token result obtained from User.getIdTokenResult(). |
| MultiFactorAssertion | The base class for asserting ownership of a second factor. |
| MultiFactorError | The error thrown when the user needs to provide a second factor to sign in successfully. |
| MultiFactorInfo | A structure containing the information of a second factor entity. |
| MultiFactorResolver | The class used to facilitate recovery from MultiFactorError when a user needs to provide a second factor to sign in. |
| MultiFactorSession | An interface defining the multi-factor session object used for enrolling a second factor on a user or helping sign in an enrolled user with a second factor. |
| MultiFactorUser | An interface that defines the multi-factor related properties and operations pertaining to a User. |
| OAuthCredentialOptions | Defines the options for initializing an OAuthCredential. |
| ParsedToken | Interface representing a parsed ID token. |
| PasswordPolicy | A structure specifying password policy requirements. |
| PasswordValidationStatus | A structure indicating which password policy requirements were met or violated and what the requirements are. |
| Persistence | An interface covering the possible persistence mechanism types. |
| PhoneMultiFactorAssertion | The class for asserting ownership of a phone second factor. Provided by PhoneMultiFactorGenerator.assertion(). |
| PhoneMultiFactorEnrollInfoOptions | Options used for enrolling a second factor. |
| PhoneMultiFactorInfo | The subclass of the MultiFactorInfo interface for phone number second factors. The factorId of this second factor is FactorId.PHONE. |
| PhoneMultiFactorSignInInfoOptions | Options used for signing in with a second factor. |
| PhoneSingleFactorInfoOptions | Options used for single-factor sign-in. |
| PopupRedirectResolver | A resolver used for handling DOM specific operations like signInWithPopup() or signInWithRedirect(). |
| ReactNativeAsyncStorage | Interface for a supplied AsyncStorage. |
| RecaptchaParameters | Interface representing reCAPTCHA parameters.See the reCAPTCHA docs for the list of accepted parameters. All parameters are accepted except for sitekey: Firebase Auth provisions a reCAPTCHA for each project and will configure the site key upon rendering.For an invisible reCAPTCHA, set the size key to invisible. |
| TotpMultiFactorAssertion | The class for asserting ownership of a TOTP second factor. Provided by TotpMultiFactorGenerator.assertionForEnrollment() and TotpMultiFactorGenerator.assertionForSignIn(). |
| TotpMultiFactorInfo | The subclass of the MultiFactorInfo interface for TOTP second factors. The factorId of this second factor is FactorId.TOTP. |
| User | A user account. |
| UserCredential | A structure containing a User, the OperationType, and the provider ID. |
| UserInfo | User profile information, visible only to the Firebase project's apps. |
| UserMetadata | Interface representing a user's metadata. |
Variables
| Variable | Description |
|---|---|
| ActionCodeOperation | An enumeration of the possible email action types. |
| AuthErrorCodes | A map of potential Auth error codes, for easier comparison with errors thrown by the SDK. |
| browserLocalPersistence | An implementation of Persistence of type LOCAL using localStorage for the underlying storage. |
| browserPopupRedirectResolver | An implementation of PopupRedirectResolver suitable for browser based applications. |
| browserSessionPersistence | An implementation of Persistence of SESSION using sessionStorage for the underlying storage. |
| cordovaPopupRedirectResolver | An implementation of PopupRedirectResolver suitable for Cordova based applications. |
| debugErrorMap | A verbose error map with detailed descriptions for most error codes.See discussion at AuthErrorMap |
| FactorId | An enum of factors that may be used for multifactor authentication. |
| indexedDBLocalPersistence | An implementation of Persistence of type LOCAL using indexedDB for the underlying storage. |
| inMemoryPersistence | An implementation of Persistence of type 'NONE'. |
| OperationType | Enumeration of supported operation types. |
| prodErrorMap | A minimal error map with all verbose error messages stripped.See discussion at AuthErrorMap |
| ProviderId | Enumeration of supported providers. |
| SignInMethod | Enumeration of supported sign-in methods. |
Type Aliases
| Type Alias | Description |
|---|---|
| CustomParameters | Map of OAuth Custom Parameters. |
| NextOrObserver | Type definition for an event callback. |
| PhoneInfoOptions | The information required to verify the ownership of a phone number. |
| UserProfile | User profile used in AdditionalUserInfo. |
function(app, ...)
getAuth(app)
Returns the Auth instance associated with the provided FirebaseApp. If no instance exists, initializes an Auth instance with platform-specific default dependencies.
Signature:
export declare function getAuth(app?: FirebaseApp): Auth;
Parameters
| Parameter | Type | Description |
|---|---|---|
| app | FirebaseApp | The Firebase App. |
Returns:
initializeAuth(app, deps)
Initializes an Auth instance with fine-grained control over Dependencies.
This function allows more control over the Auth instance than getAuth(). getAuth uses platform-specific defaults to supply the Dependencies. In general, getAuth is the easiest way to initialize Auth and works for most use cases. Use initializeAuth if you need control over which persistence layer is used, or to minimize bundle size if you're not using either signInWithPopup or signInWithRedirect.
For example, if your app only uses anonymous accounts and you only want accounts saved for the current session, initialize Auth with:
const auth = initializeAuth(app, {
persistence: browserSessionPersistence,
popupRedirectResolver: undefined,
});
Signature:
export declare function initializeAuth(app: FirebaseApp, deps?: Dependencies): Auth;
Parameters
| Parameter | Type | Description |
|---|---|---|
| app | FirebaseApp | |
| deps | Dependencies |
Returns:
function(storage, ...)
getReactNativePersistence(storage)
Returns a persistence object that wraps AsyncStorage imported from react-native or @react-native-community/async-storage, and can be used in the persistence dependency field in initializeAuth().
Signature:
export declare function getReactNativePersistence(storage: ReactNativeAsyncStorage): Persistence;
Parameters
| Parameter | Type | Description |
|---|---|---|
| storage | ReactNativeAsyncStorage |
Returns:
function(auth, ...)
applyActionCode(auth, oobCode)
Applies a verification code sent to the user by email or other out-of-band mechanism.
Signature:
export declare function applyActionCode(auth: Auth, oobCode: string): Promise<void>;
Parameters
| Parameter | Type | Description |
|---|---|---|
| auth | Auth | The Auth instance. |
| oobCode | string | A verification code sent to the user. |
Returns:
Promise<void>
beforeAuthStateChanged(auth, callback, onAbort)
Adds a blocking callback that runs before an auth state change sets a new user.
Signature:
export declare function beforeAuthStateChanged(auth: Auth, callback: (user: User | null) => void | Promise<void>, onAbort?: () => void): Unsubscribe;
Parameters
| Parameter | Type | Description |
|---|---|---|
| auth | Auth | The Auth instance. |
| callback | (user: User | null) => void | Promise<void> | callback triggered before new user value is set. If this throws, it blocks the user from being set. |
| onAbort | () => void | callback triggered if a later beforeAuthStateChanged() callback throws, allowing you to undo any side effects. |
Returns:
checkActionCode(auth, oobCode)
Checks a verification code sent to the user by email or other out-of-band mechanism.
Signature:
export declare function checkActionCode(auth: Auth, oobCode: string): Promise<ActionCodeInfo>;
Parameters
| Parameter | Type | Description |
|---|---|---|
| auth | Auth | The Auth instance. |
| oobCode | string | A verification code sent to the user. |
Returns:
Promise<ActionCodeInfo>
metadata about the code.
confirmPasswordReset(auth, oobCode, newPassword)
Completes the password reset process, given a confirmation code and new password.
Signature:
export declare function confirmPasswordReset(auth: Auth, oobCode: string, newPassword: string): Promise<void>;
Parameters
| Parameter | Type | Description |
|---|---|---|
| auth | Auth | The Auth instance. |
| oobCode | string | A confirmation code sent to the user. |
| newPassword | string | The new password. |
Returns:
Promise<void>
connectAuthEmulator(auth, url, options)
Changes the Auth instance to communicate with the Firebase Auth Emulator, instead of production Firebase Auth services.
This must be called synchronously immediately following the first call to initializeAuth(). Do not use with production credentials as emulator traffic is not encrypted.
Signature:
export declare function connectAuthEmulator(auth: Auth, url: string, options?: {
disableWarnings: boolean;
}): void;
Parameters
| Parameter | Type | Description |
|---|---|---|
| auth | Auth | The Auth instance. |
| url | string | The URL at which the emulator is running (eg, 'http://localhost:9099'). |
| options | { disableWarnings: boolean; } | Optional. options.disableWarnings defaults to false. Set it to true to disable the warning banner attached to the DOM. |
Returns:
void
Example
connectAuthEmulator(auth, 'http://127.0.0.1:9099', { disableWarnings: true });
createUserWithEmailAndPassword(auth, email, password)
Creates a new user account associated with the specified email address and password.
On successful creation of the user account, this user will also be signed in to your application.
User account creation can fail if the account already exists or the password is invalid.
This method is not supported on Auth instances created with a FirebaseServerApp.
Signature:
export declare function createUserWithEmailAndPassword(auth: Auth, email: string, password: string): Promise<UserCredential>;
Parameters
| Parameter | Type | Description |
|---|---|---|
| auth | Auth | The Auth instance. |
| string | The user's email address. | |
| password | string | The user's chosen password. |
Returns:
Promise<UserCredential>
fetchSignInMethodsForEmail(auth, email)
Gets the list of possible sign in methods for the given email address. This method returns an empty list when Email Enumeration Protection is enabled, irrespective of the number of authentication methods available for the given email.
This is useful to differentiate methods of sign-in for the same provider, eg. EmailAuthProvider which has 2 methods of sign-in, SignInMethod.EMAIL_PASSWORD and SignInMethod.EMAIL_LINK.
Signature:
export declare function fetchSignInMethodsForEmail(auth: Auth, email: string): Promise<string[]>;
Parameters
| Parameter | Type | Description |
|---|---|---|
| auth | Auth | The Auth instance. |
| string | The user's email address.Deprecated. Migrating off of this method is recommended as a security best-practice. Learn more in the Identity Platform documentation for Email Enumeration Protection. |
Returns:
Promise<string[]>
getMultiFactorResolver(auth, error)
Provides a MultiFactorResolver suitable for completion of a multi-factor flow.
Signature:
export declare function getMultiFactorResolver(auth: Auth, error: MultiFactorError): MultiFactorResolver;
Parameters
| Parameter | Type | Description |
|---|---|---|
| auth | Auth | The Auth instance. |
| error | MultiFactorError | The MultiFactorError raised during a sign-in, or reauthentication operation. |
Returns:
getRedirectResult(auth, resolver)
Returns a UserCredential from the redirect-based sign-in flow.
If sign-in succeeded, returns the signed in user. If sign-in was unsuccessful, fails with an error. If no redirect operation was called, returns null.
This method does not work in a Node.js environment or with Auth instances created with a FirebaseServerApp.
Signature:
export declare function getRedirectResult(auth: Auth, resolver?: PopupRedirectResolver): Promise<UserCredential | null>;
Parameters
| Parameter | Type | Description |
|---|---|---|
| auth | Auth | The Auth instance. |
| resolver | PopupRedirectResolver | An instance of PopupRedirectResolver, optional if already supplied to initializeAuth() or provided by getAuth(). |
Returns:
Promise<UserCredential | null>
Example
// Sign in using a redirect.
const provider = new FacebookAuthProvider();
// You can add additional scopes to the provider:
provider.addScope('user_birthday');
// Start a sign in process for an unauthenticated user.
await signInWithRedirect(auth, provider);
// This will trigger a full page redirect away from your app
// After returning from the redirect when your app initializes you can obtain the result
const result = await getRedirectResult(auth);
if (result) {
// This is the signed-in user
const user = result.user;
// This gives you a Facebook Access Token.
const credential = provider.credentialFromResult(auth, result);
const token = credential.accessToken;
}
// As this API can be used for sign-in, linking and reauthentication,
// check the operationType to determine what triggered this redirect
// operation.
const operationType = result.operationType;
initializeRecaptchaConfig(auth)
Loads the reCAPTCHA configuration into the Auth instance.
This will load the reCAPTCHA config, which indicates whether the reCAPTCHA verification flow should be triggered for each auth provider, into the current Auth session.
If initializeRecaptchaConfig() is not invoked, the auth flow will always start without reCAPTCHA verification. If the provider is configured to require reCAPTCHA verification, the SDK will transparently load the reCAPTCHA config and restart the auth flows.
Thus, by calling this optional method, you will reduce the latency of future auth flows. Loading the reCAPTCHA config early will also enhance the signal collected by reCAPTCHA.
This method does not work in a Node.js environment.
Signature:
export declare function initializeRecaptchaConfig(auth: Auth): Promise<void>;
Parameters
| Parameter | Type | Description |
|---|---|---|
| auth | Auth | The Auth instance. |
Returns:
Promise<void>
Example
initializeRecaptchaConfig(auth);
isSignInWithEmailLink(auth, emailLink)
Checks if an incoming link is a sign-in with email link suitable for signInWithEmailLink().
Signature:
export declare function isSignInWithEmailLink(auth: Auth, emailLink: string): boolean;
Parameters
| Parameter | Type | Description |
|---|---|---|
| auth | Auth | The Auth instance. |
| emailLink | string | The link sent to the user's email address. |
Returns:
boolean
onAuthStateChanged(auth, nextOrObserver, error, completed)
Adds an observer for changes to the user's sign-in state.
To keep the old behavior, see onIdTokenChanged().
Signature:
export declare function onAuthStateChanged(auth: Auth, nextOrObserver: NextOrObserver<User>, error?: ErrorFn, completed?: CompleteFn): Unsubscribe;
Parameters
| Parameter | Type | Description |
|---|---|---|
| auth | Auth | The Auth instance. |
| nextOrObserver | NextOrObserver<User> | callback triggered on change. |
| error | ErrorFn | Deprecated. This callback is never triggered. Errors on signing in/out can be caught in promises returned from sign-in/sign-out functions. |
| completed | CompleteFn | Deprecated. This callback is never triggered. |
Returns:
onIdTokenChanged(auth, nextOrObserver, error, completed)
Adds an observer for changes to the signed-in user's ID token.
This includes sign-in, sign-out, and token refresh events. This will not be triggered automatically upon ID token expiration. Use User.getIdToken() to refresh the ID token.
Signature:
export declare function onIdTokenChanged(auth: Auth, nextOrObserver: NextOrObserver<User>, error?: ErrorFn, completed?: CompleteFn): Unsubscribe;
Parameters
| Parameter | Type | Description |
|---|---|---|
| auth | Auth | The Auth instance. |
| nextOrObserver | NextOrObserver<User> | callback triggered on change. |
| error | ErrorFn | Deprecated. This callback is never triggered. Errors on signing in/out can be caught in promises returned from sign-in/sign-out functions. |
| completed | CompleteFn | Deprecated. This callback is never triggered. |
Returns:
revokeAccessToken(auth, token)
Revokes the given access token. Currently only supports Apple OAuth access tokens.
Signature:
export declare function revokeAccessToken(auth: Auth, token: string): Promise<void>;
Parameters
| Parameter | Type | Description |
|---|---|---|
| auth | Auth | The Auth instance. |
| token | string | The Apple OAuth access token. |
Returns:
Promise<void>
sendPasswordResetEmail(auth, email, actionCodeSettings)
Sends a password reset email to the given email address. This method does not throw an error when there's no user account with the given email address and Email Enumeration Protection is enabled.
To complete the password reset, call confirmPasswordReset() with the code supplied in the email sent to the user, along with the new password specified by the user.
Signature:
export declare function sendPasswordResetEmail(auth: Auth, email: string, actionCodeSettings?: ActionCodeSettings): Promise<void>;
Parameters
| Parameter | Type | Description |
|---|---|---|
| auth | Auth | The Auth instance. |
| string | The user's email address. | |
| actionCodeSettings | ActionCodeSettings | The ActionCodeSettings. |
Returns:
Promise<void>
Example
const actionCodeSettings = {
url: 'https://www.example.com/?email=user@example.com',
iOS: {
bundleId: 'com.example.ios'
},
android: {
packageName: 'com.example.android',
installApp: true,
minimumVersion: '12'
},
handleCodeInApp: true
};
await sendPasswordResetEmail(auth, 'user@example.com', actionCodeSettings);
// Obtain code from user.
await confirmPasswordReset('user@example.com', code);
sendSignInLinkToEmail(auth, email, actionCodeSettings)
Sends a sign-in email link to the user with the specified email.
The sign-in operation has to always be completed in the app unlike other out of band email actions (password reset and email verifications). This is because, at the end of the flow, the user is expected to be signed in and their Auth state persisted within the app.
To complete sign in with the email link, call signInWithEmailLink() with the email address and the email link supplied in the email sent to the user.
Signature:
export declare function sendSignInLinkToEmail(auth: Auth, email: string, actionCodeSettings: ActionCodeSettings): Promise<void>;
Parameters
| Parameter | Type | Description |
|---|---|---|
| auth | Auth | |
| string | The user's email address. | |
| actionCodeSettings | ActionCodeSettings | The ActionCodeSettings. |
Returns:
Promise<void>
Example
const actionCodeSettings = {
url: 'https://www.example.com/?email=user@example.com',
iOS: {
bundleId: 'com.example.ios'
},
android: {
packageName: 'com.example.android',
installApp: true,
minimumVersion: '12'
},
handleCodeInApp: true
};
await sendSignInLinkToEmail(auth, 'user@example.com', actionCodeSettings);
// Obtain emailLink from the user.
if(isSignInWithEmailLink(auth, emailLink)) {
await signInWithEmailLink(auth, 'user@example.com', emailLink);
}
setPersistence(auth, persistence)
Changes the type of persistence on the Auth instance for the currently saved Auth session and applies this type of persistence for future sign-in requests, including sign-in with redirect requests.
This makes it easy for a user signing in to specify whether their session should be remembered or not. It also makes it easier to never persist the Auth state for applications that are shared by other users or have sensitive data.
This method does not work in a Node.js environment or with Auth instances created with a FirebaseServerApp.
Signature:
export declare function setPersistence(auth: Auth, persistence: Persistence): Promise<void>;
Parameters
| Parameter | Type | Description |
|---|---|---|
| auth | Auth | The Auth instance. |
| persistence | Persistence | The Persistence to use. |
Returns:
Promise<void>
A Promise that resolves once the persistence change has completed
Example
setPersistence(auth, browserSessionPersistence);
signInAnonymously(auth)
Asynchronously signs in as an anonymous user.
If there is already an anonymous user signed in, that user will be returned; otherwise, a new anonymous user identity will be created and returned.
This method is not supported by Auth instances created with a FirebaseServerApp.
Signature:
export declare function signInAnonymously(auth: Auth): Promise<UserCredential>;
Parameters
| Parameter | Type | Description |
|---|---|---|
| auth | Auth | The Auth instance. |
Returns:
Promise<UserCredential>
signInWithCredential(auth, credential)
Asynchronously signs in with the given credentials.
An AuthProvider can be used to generate the credential.
This method is not supported by Auth instances created with a FirebaseServerApp.
Signature:
export declare function signInWithCredential(auth: Auth, credential: AuthCredential): Promise<UserCredential>;
Parameters
| Parameter | Type | Description |
|---|---|---|
| auth | Auth | The Auth instance. |
| credential | AuthCredential | The auth credential. |
Returns:
Promise<UserCredential>
signInWithCustomToken(auth, customToken)
Asynchronously signs in using a custom token.
Custom tokens are used to integrate Firebase Auth with existing auth systems, and must be generated by an auth backend using the createCustomToken method in the Admin SDK .
Fails with an error if the token is invalid, expired, or not accepted by the Firebase Auth service.
This method is not supported by Auth instances created with a FirebaseServerApp.
Signature:
export declare function signInWithCustomToken(auth: Auth, customToken: string): Promise<UserCredential>;
Parameters
| Parameter | Type | Description |
|---|---|---|
| auth | Auth | The Auth instance. |
| customToken | string | The custom token to sign in with. |
Returns:
Promise<UserCredential>
signInWithEmailAndPassword(auth, email, password)
Asynchronously signs in using an email and password.
Fails with an error if the email address and password do not match. When Email Enumeration Protection is enabled, this method fails with "auth/invalid-credential" in case of an invalid email/password.
This method is not supported on Auth instances created with a FirebaseServerApp.
Signature:
export declare function signInWithEmailAndPassword(auth: Auth, email: string, password: string): Promise<UserCredential>;
Parameters
| Parameter | Type | Description |
|---|---|---|
| auth | Auth | The Auth instance. |
| string | The users email address. | |
| password | string | The users password. |
Returns:
Promise<UserCredential>
signInWithEmailLink(auth, email, emailLink)
Asynchronously signs in using an email and sign-in email link.
If no link is passed, the link is inferred from the current URL.
Fails with an error if the email address is invalid or OTP in email link expires.
This method is not supported by Auth instances created with a FirebaseServerApp.
Signature:
export declare function signInWithEmailLink(auth: Auth, email: string, emailLink?: string): Promise<UserCredential>;
Parameters
| Parameter | Type | Description |
|---|---|---|
| auth | Auth | The Auth instance. |
| string | The user's email address. | |
| emailLink | string | The link sent to the user's email address. |
Returns:
Promise<UserCredential>
Example
const actionCodeSettings = {
url: 'https://www.example.com/?email=user@example.com',
iOS: {
bundleId: 'com.example.ios'
},
android: {
packageName: 'com.example.android',
installApp: true,
minimumVersion: '12'
},
handleCodeInApp: true
};
await sendSignInLinkToEmail(auth, 'user@example.com', actionCodeSettings);
// Obtain emailLink from the user.
if(isSignInWithEmailLink(auth, emailLink)) {
await signInWithEmailLink(auth, 'user@example.com', emailLink);
}
signInWithPhoneNumber(auth, phoneNumber, appVerifier)
Asynchronously signs in using a phone number.
This method sends a code via SMS to the given phone number, and returns a ConfirmationResult. After the user provides the code sent to their phone, call ConfirmationResult.confirm() with the code to sign the user in.
For abuse prevention, this method requires a ApplicationVerifier. This SDK includes an implementation based on reCAPTCHA v2, RecaptchaVerifier. This function can work on other platforms that do not support the RecaptchaVerifier (like React Native), but you need to use a third-party ApplicationVerifier implementation.
If you've enabled project-level reCAPTCHA Enterprise bot protection in Enforce mode, you can omit the ApplicationVerifier.
This method does not work in a Node.js environment or with Auth instances created with a FirebaseServerApp.
Signature:
export declare function signInWithPhoneNumber(auth: Auth, phoneNumber: string, appVerifier?: ApplicationVerifier): Promise<ConfirmationResult>;
Parameters
| Parameter | Type | Description |
|---|---|---|
| auth | Auth | The Auth instance. |
| phoneNumber | string | The user's phone number in E.164 format (e.g. +16505550101). |
| appVerifier | ApplicationVerifier | The ApplicationVerifier. |
Returns:
Promise<ConfirmationResult>
Example
// 'recaptcha-container' is the ID of an element in the DOM.
const applicationVerifier = new firebase.auth.RecaptchaVerifier('recaptcha-container');
const confirmationResult = await signInWithPhoneNumber(auth, phoneNumber, applicationVerifier);
// Obtain a verificationCode from the user.
const credential = await confirmationResult.confirm(verificationCode);
signInWithPopup(auth, provider, resolver)
Authenticates a Firebase client using a popup-based OAuth authentication flow.
If succeeds, returns the signed in user along with the provider's credential. If sign in was unsuccessful, returns an error object containing additional information about the error.
This method does not work in a Node.js environment or with Auth instances created with a FirebaseServerApp.
Signature:
export declare function signInWithPopup(auth: Auth, provider: AuthProvider, resolver?: PopupRedirectResolver): Promise<UserCredential>;
Parameters
| Parameter | Type | Description |
|---|---|---|
| auth | Auth | The Auth instance. |
| provider | AuthProvider | The provider to authenticate. The provider has to be an OAuthProvider. Non-OAuth providers like EmailAuthProvider will throw an error. |
| resolver | PopupRedirectResolver | An instance of PopupRedirectResolver, optional if already supplied to initializeAuth() or provided by getAuth(). |
Returns:
Promise<UserCredential>
Example
// Sign in using a popup.
const provider = new FacebookAuthProvider();
const result = await signInWithPopup(auth, provider);
// The signed-in user info.
const user = result.user;
// This gives you a Facebook Access Token.
const credential = provider.credentialFromResult(auth, result);
const token = credential.accessToken;
signInWithRedirect(auth, provider, resolver)
Authenticates a Firebase client using a full-page redirect flow.
To handle the results and errors for this operation, refer to getRedirectResult(). Follow the best practices when using signInWithRedirect().
This method does not work in a Node.js environment or with Auth instances created with a FirebaseServerApp.
Signature:
export declare function signInWithRedirect(auth: Auth, provider: AuthProvider, resolver?: PopupRedirectResolver): Promise<never>;
Parameters
| Parameter | Type | Description |
|---|---|---|
| auth | Auth | The Auth instance. |
| provider | AuthProvider | The provider to authenticate. The provider has to be an OAuthProvider. Non-OAuth providers like EmailAuthProvider will throw an error. |
| resolver | PopupRedirectResolver | An instance of PopupRedirectResolver, optional if already supplied to initializeAuth() or provided by getAuth(). |
Returns:
Promise<never>
Example
// Sign in using a redirect.
const provider = new FacebookAuthProvider();
// You can add additional scopes to the provider:
provider.addScope('user_birthday');
// Start a sign in process for an unauthenticated user.
await signInWithRedirect(auth, provider);
// This will trigger a full page redirect away from your app
// After returning from the redirect when your app initializes you can obtain the result
const result = await getRedirectResult(auth);
if (result) {
// This is the signed-in user
const user = result.user;
// This gives you a Facebook Access Token.
const credential = provider.credentialFromResult(auth, result);
const token = credential.accessToken;
}
// As this API can be used for sign-in, linking and reauthentication,
// check the operationType to determine what triggered this redirect
// operation.
const operationType = result.operationType;
signOut(auth)
Signs out the current user.
This method is not supported by Auth instances created with a FirebaseServerApp.
Signature:
export declare function signOut(auth: Auth): Promise<void>;
Parameters
| Parameter | Type | Description |
|---|---|---|
| auth | Auth | The Auth instance. |
Returns:
Promise<void>
updateCurrentUser(auth, user)
Asynchronously sets the provided user as Auth.currentUser on the Auth instance.
A new instance copy of the user provided will be made and set as currentUser.
This will trigger onAuthStateChanged() and onIdTokenChanged() listeners like other sign in methods.
The operation fails with an error if the user to be updated belongs to a different Firebase project.
This method is not supported by Auth instances created with a FirebaseServerApp.
Signature:
export declare function updateCurrentUser(auth: Auth, user: User | null): Promise<void>;
Parameters
| Parameter | Type | Description |
|---|---|---|
| auth | Auth | The Auth instance. |
| user | User | null | The new User. |
Returns:
Promise<void>
useDeviceLanguage(auth)
Sets the current language to the default device/browser preference.
Signature:
export declare function useDeviceLanguage(auth: Auth): void;
Parameters
| Parameter | Type | Description |
|---|---|---|
| auth | Auth | The Auth instance. |
Returns:
void
validatePassword(auth, password)
Validates the password against the password policy configured for the project or tenant.
If no tenant ID is set on the Auth instance, then this method will use the password policy configured for the project. Otherwise, this method will use the policy configured for the tenant. If a password policy has not been configured, then the default policy configured for all projects will be used.
If an auth flow fails because a submitted password does not meet the password policy requirements and this method has previously been called, then this method will use the most recent policy available when called again.
Signature:
export declare function validatePassword(auth: Auth, password: string): Promise<PasswordValidationStatus>;
Parameters
| Parameter | Type | Description |
|---|---|---|
| auth | Auth | The Auth instance. |
| password | string | The password to validate. |
Returns:
Promise<PasswordValidationStatus>
Example
validatePassword(auth, 'some-password');
verifyPasswordResetCode(auth, code)
Checks a password reset code sent to the user by email or other out-of-band mechanism.
Signature:
export declare function verifyPasswordResetCode(auth: Auth, code: string): Promise<string>;
Parameters
| Parameter | Type | Description |
|---|---|---|
| auth | Auth | The Auth instance. |
| code | string | A verification code sent to the user. |
Returns:
Promise<string>
the user's email address if valid.
function(link, ...)
parseActionCodeURL(link)
Parses the email action link string and returns an ActionCodeURL if the link is valid, otherwise returns null.
Signature:
export declare function parseActionCodeURL(link: string): ActionCodeURL | null;
Parameters
| Parameter | Type | Description |
|---|---|---|
| link | string |
Returns:
ActionCodeURL | null
function(user, ...)
deleteUser(user)
Deletes and signs out the user.
Signature:
export declare function deleteUser(user: User): Promise<void>;
Parameters
| Parameter | Type | Description |
|---|---|---|
| user | User | The user. |
Returns:
Promise<void>
getIdToken(user, forceRefresh)
Returns a JSON Web Token (JWT) used to identify the user to a Firebase service.
Returns the current token if it has not expired or if it will not expire in the next five minutes. Otherwise, this will refresh the token and return a new one.
Signature:
export declare function getIdToken(user: User, forceRefresh?: boolean): Promise<string>;
Parameters
| Parameter | Type | Description |
|---|---|---|
| user | User | The user. |
| forceRefresh | boolean | Force refresh regardless of token expiration. |
Returns:
Promise<string>
getIdTokenResult(user, forceRefresh)
Returns a deserialized JSON Web Token (JWT) used to identify the user to a Firebase service.
Returns the current token if it has not expired or if it will not expire in the next five minutes. Otherwise, this will refresh the token and return a new one.
Signature:
export declare function getIdTokenResult(user: User, forceRefresh?: boolean): Promise<IdTokenResult>;
Parameters
| Parameter | Type | Description |
|---|---|---|
| user | User | The user. |
| forceRefresh | boolean | Force refresh regardless of token expiration. |
Returns:
Promise<IdTokenResult>
linkWithCredential(user, credential)
Links the user account with the given credentials.
An AuthProvider can be used to generate the credential.
Signature:
export declare function linkWithCredential(user: User, credential: AuthCredential): Promise<UserCredential>;
Parameters
| Parameter | Type | Description |
|---|---|---|
| user | User | The user. |
| credential | AuthCredential | The auth credential. |
Returns:
Promise<UserCredential>
linkWithPhoneNumber(user, phoneNumber, appVerifier)
Links the user account with the given phone number.
This method does not work in a Node.js environment.
Signature:
export declare function linkWithPhoneNumber(user: User, phoneNumber: string, appVerifier?: ApplicationVerifier): Promise<ConfirmationResult>;
Parameters
| Parameter | Type | Description |
|---|---|---|
| user | User | The user. |
| phoneNumber | string | The user's phone number in E.164 format (e.g. +16505550101). |
| appVerifier | ApplicationVerifier | The ApplicationVerifier. |
Returns:
Promise<ConfirmationResult>
linkWithPopup(user, provider, resolver)
Links the authenticated provider to the user account using a pop-up based OAuth flow.
If the linking is successful, the returned result will contain the user and the provider's credential.
This method does not work in a Node.js environment.
Signature:
export declare function linkWithPopup(user: User, provider: AuthProvider, resolver?: PopupRedirectResolver): Promise<UserCredential>;
Parameters
| Parameter | Type | Description |
|---|---|---|
| user | User | The user. |
| provider | AuthProvider | The provider to authenticate. The provider has to be an OAuthProvider. Non-OAuth providers like EmailAuthProvider will throw an error. |
| resolver | PopupRedirectResolver | An instance of PopupRedirectResolver, optional if already supplied to initializeAuth() or provided by getAuth(). |
Returns:
Promise<UserCredential>
Example
// Sign in using some other provider.
const result = await signInWithEmailAndPassword(auth, email, password);
// Link using a popup.
const provider = new FacebookAuthProvider();
await linkWithPopup(result.user, provider);
linkWithRedirect(user, provider, resolver)
Links the OAuthProvider to the user account using a full-page redirect flow.
To handle the results and errors for this operation, refer to getRedirectResult(). Follow the best practices when using linkWithRedirect().
This method does not work in a Node.js environment or with Auth instances created with a FirebaseServerApp.
Signature:
export declare function linkWithRedirect(user: User, provider: AuthProvider, resolver?: PopupRedirectResolver): Promise<never>;
Parameters
| Parameter | Type | Description |
|---|---|---|
| user | User | The user. |
| provider | AuthProvider | The provider to authenticate. The provider has to be an OAuthProvider. Non-OAuth providers like EmailAuthProvider will throw an error. |
| resolver | PopupRedirectResolver | An instance of PopupRedirectResolver, optional if already supplied to initializeAuth() or provided by getAuth(). |
Returns:
Promise<never>
Example
// Sign in using some other provider.
const result = await signInWithEmailAndPassword(auth, email, password);
// Link using a redirect.
const provider = new FacebookAuthProvider();
await linkWithRedirect(result.user, provider);
// This will trigger a full page redirect away from your app
// After returning from the redirect when your app initializes you can obtain the result
const result = await getRedirectResult(auth);
multiFactor(user)
The MultiFactorUser corresponding to the user.
This is used to access all multi-factor properties and operations related to the user.
Signature:
export declare function multiFactor(user: User): MultiFactorUser;
Parameters
| Parameter | Type | Description |
|---|---|---|
| user | User | The user. |
Returns:
reauthenticateWithCredential(user, credential)
Re-authenticates a user using a fresh credential.
Use before operations such as updatePassword() that require tokens from recent sign-in attempts. This method can be used to recover from a CREDENTIAL_TOO_OLD_LOGIN_AGAIN error or a TOKEN_EXPIRED error.
This method is not supported on any User signed in by Auth instances created with a FirebaseServerApp.
Signature:
export declare function reauthenticateWithCredential(user: User, credential: AuthCredential): Promise<UserCredential>;
Parameters
| Parameter | Type | Description |
|---|---|---|
| user | User | The user. |
| credential | AuthCredential | The auth credential. |
Returns:
Promise<UserCredential>
reauthenticateWithPhoneNumber(user, phoneNumber, appVerifier)
Re-authenticates a user using a fresh phone credential.
Use before operations such as updatePassword() that require tokens from recent sign-in attempts.
This method does not work in a Node.js environment or on any User signed in by Auth instances created with a FirebaseServerApp.
Signature:
export declare function reauthenticateWithPhoneNumber(user: User, phoneNumber: string, appVerifier?: ApplicationVerifier): Promise<ConfirmationResult>;
Parameters
| Parameter | Type | Description |
|---|---|---|
| user | User | The user. |
| phoneNumber | string | The user's phone number in E.164 format (e.g. +16505550101). |
| appVerifier | ApplicationVerifier | The ApplicationVerifier. |
Returns:
Promise<ConfirmationResult>
reauthenticateWithPopup(user, provider, resolver)
Reauthenticates the current user with the specified OAuthProvider using a pop-up based OAuth flow.
If the reauthentication is successful, the returned result will contain the user and the provider's credential.
This method does not work in a Node.js environment or on any User signed in by Auth instances created with a FirebaseServerApp.
Signature:
export declare function reauthenticateWithPopup(user: User, provider: AuthProvider, resolver?: PopupRedirectResolver): Promise<UserCredential>;
Parameters
| Parameter | Type | Description |
|---|---|---|
| user | User | The user. |
| provider | AuthProvider | The provider to authenticate. The provider has to be an OAuthProvider. Non-OAuth providers like EmailAuthProvider will throw an error. |
| resolver | PopupRedirectResolver | An instance of PopupRedirectResolver, optional if already supplied to initializeAuth() or provided by getAuth(). |
Returns:
Promise<UserCredential>
Example
// Sign in using a popup.
const provider = new FacebookAuthProvider();
const result = await signInWithPopup(auth, provider);
// Reauthenticate using a popup.
await reauthenticateWithPopup(result.user, provider);
reauthenticateWithRedirect(user, provider, resolver)
Reauthenticates the current user with the specified OAuthProvider using a full-page redirect flow.
To handle the results and errors for this operation, refer to getRedirectResult(). Follow the best practices when using reauthenticateWithRedirect().
This method does not work in a Node.js environment or with Auth instances created with a FirebaseServerApp.
Signature:
export declare function reauthenticateWithRedirect(user: User, provider: AuthProvider, resolver?: PopupRedirectResolver): Promise<never>;
Parameters
| Parameter | Type | Description |
|---|---|---|
| user | User | The user. |
| provider | AuthProvider | The provider to authenticate. The provider has to be an OAuthProvider. Non-OAuth providers like EmailAuthProvider will throw an error. |
| resolver | PopupRedirectResolver | An instance of PopupRedirectResolver, optional if already supplied to initializeAuth() or provided by getAuth(). |
Returns:
Promise<never>
Example
// Sign in using a redirect.
const provider = new FacebookAuthProvider();
const result = await signInWithRedirect(auth, provider);
// This will trigger a full page redirect away from your app
// After returning from the redirect when your app initializes you can obtain the result
const result = await getRedirectResult(auth);
// Reauthenticate using a redirect.
await reauthenticateWithRedirect(result.user, provider);
// This will again trigger a full page redirect away from your app
// After returning from the redirect when your app initializes you can obtain the result
const result = await getRedirectResult(auth);
reload(user)
Reloads user account data, if signed in.
Signature:
export declare function reload(user: User): Promise<void>;
Parameters
| Parameter | Type | Description |
|---|---|---|
| user | User | The user. |
Returns:
Promise<void>
sendEmailVerification(user, actionCodeSettings)
Sends a verification email to a user.
The verification process is completed by calling applyActionCode().
Signature:
export declare function sendEmailVerification(user: User, actionCodeSettings?: ActionCodeSettings | null): Promise<void>;
Parameters
| Parameter | Type | Description |
|---|---|---|
| user | User | The user. |
| actionCodeSettings | ActionCodeSettings | null | The ActionCodeSettings. |
Returns:
Promise<void>
Example
const actionCodeSettings = {
url: 'https://www.example.com/?email=user@example.com',
iOS: {
bundleId: 'com.example.ios'
},
android: {
packageName: 'com.example.android',
installApp: true,
minimumVersion: '12'
},
handleCodeInApp: true
};
await sendEmailVerification(user, actionCodeSettings);
// Obtain code from the user.
await applyActionCode(auth, code);
unlink(user, providerId)
Unlinks a provider from a user account.
Signature:
export declare function unlink(user: User, providerId: string): Promise<User>;
Parameters
| Parameter | Type | Description |
|---|---|---|
| user | User | The user. |
| providerId | string | The provider to unlink. |
Returns:
Promise<User>
updateEmail(user, newEmail)
Updates the user's email address.
An email will be sent to the original email address (if it was set) that allows to revoke the email address change, in order to protect them from account hijacking.
This method is not supported on any User signed in by Auth instances created with a FirebaseServerApp.
Signature:
export declare function updateEmail(user: User, newEmail: string): Promise<void>;
Parameters
| Parameter | Type | Description |
|---|---|---|
| user | User | The user. |
| newEmail | string | The new email address.Throws "auth/operation-not-allowed" error when Email Enumeration Protection is enabled. Deprecated - Use verifyBeforeUpdateEmail() instead. |
Returns:
Promise<void>
updatePassword(user, newPassword)
Updates the user's password.
Signature:
export declare function updatePassword(user: User, newPassword: string): Promise<void>;
Parameters
| Parameter | Type | Description |
|---|---|---|
| user | User | The user. |
| newPassword | string | The new password. |
Returns:
Promise<void>
updatePhoneNumber(user, credential)
Updates the user's phone number.
This method does not work in a Node.js environment or on any User signed in by Auth instances created with a FirebaseServerApp.
Signature:
export declare function updatePhoneNumber(user: User, credential: PhoneAuthCredential): Promise<void>;
Parameters
| Parameter | Type | Description |
|---|---|---|
| user | User | The user. |
| credential | PhoneAuthCredential | A credential authenticating the new phone number. |
Returns:
Promise<void>
Example
// 'recaptcha-container' is the ID of an element in the DOM.
const applicationVerifier = new RecaptchaVerifier('recaptcha-container');
const provider = new PhoneAuthProvider(auth);
const verificationId = await provider.verifyPhoneNumber('+16505550101', applicationVerifier);
// Obtain the verificationCode from the user.
const phoneCredential = PhoneAuthProvider.credential(verificationId, verificationCode);
await updatePhoneNumber(user, phoneCredential);
updateProfile(user, { displayName, photoURL: photoUrl })
Updates a user's profile data.
Signature:
export declare function updateProfile(user: User, { displayName, photoURL: photoUrl }: {
displayName?: string | null;
photoURL?: string | null;
}): Promise<void>;
Parameters
| Parameter | Type | Description |
|---|---|---|
| user | User | The user. |
| { displayName, photoURL: photoUrl } | { displayName?: string | null; photoURL?: string | null; } |
Returns:
Promise<void>
verifyBeforeUpdateEmail(user, newEmail, actionCodeSettings)
Sends a verification email to a new email address.
The user's email will be updated to the new one after being verified.
If you have a custom email action handler, you can complete the verification process by calling applyActionCode().
Signature:
export declare function verifyBeforeUpdateEmail(user: User, newEmail: string, actionCodeSettings?: ActionCodeSettings | null): Promise<void>;
Parameters
| Parameter | Type | Description |
|---|---|---|
| user | User | The user. |
| newEmail | string | The new email address to be verified before update. |
| actionCodeSettings | ActionCodeSettings | null | The ActionCodeSettings. |
Returns:
Promise<void>
Example
const actionCodeSettings = {
url: 'https://www.example.com/?email=user@example.com',
iOS: {
bundleId: 'com.example.ios'
},
android: {
packageName: 'com.example.android',
installApp: true,
minimumVersion: '12'
},
handleCodeInApp: true
};
await verifyBeforeUpdateEmail(user, 'newemail@example.com', actionCodeSettings);
// Obtain code from the user.
await applyActionCode(auth, code);
function(userCredential, ...)
getAdditionalUserInfo(userCredential)
Extracts provider specific AdditionalUserInfo for the given credential.
Signature:
export declare function getAdditionalUserInfo(userCredential: UserCredential): AdditionalUserInfo | null;
Parameters
| Parameter | Type | Description |
|---|---|---|
| userCredential | UserCredential | The user credential. |
Returns:
AdditionalUserInfo | null
ActionCodeOperation
An enumeration of the possible email action types.
Signature:
ActionCodeOperation: {
readonly EMAIL_SIGNIN: "EMAIL_SIGNIN";
readonly PASSWORD_RESET: "PASSWORD_RESET";
readonly RECOVER_EMAIL: "RECOVER_EMAIL";
readonly REVERT_SECOND_FACTOR_ADDITION: "REVERT_SECOND_FACTOR_ADDITION";
readonly VERIFY_AND_CHANGE_EMAIL: "VERIFY_AND_CHANGE_EMAIL";
readonly VERIFY_EMAIL: "VERIFY_EMAIL";
}
AuthErrorCodes
A map of potential Auth error codes, for easier comparison with errors thrown by the SDK.
Note that you can't tree-shake individual keys in the map, so by using the map you might substantially increase your bundle size.
Signature:
AUTH_ERROR_CODES_MAP_DO_NOT_USE_INTERNALLY: {
readonly ADMIN_ONLY_OPERATION: "auth/admin-restricted-operation";
readonly ARGUMENT_ERROR: "auth/argument-error";
readonly APP_NOT_AUTHORIZED: "auth/app-not-authorized";
readonly APP_NOT_INSTALLED: "auth/app-not-installed";
readonly CAPTCHA_CHECK_FAILED: "auth/captcha-check-failed";
readonly CODE_EXPIRED: "auth/code-expired";
readonly CORDOVA_NOT_READY: "auth/cordova-not-ready";
readonly CORS_UNSUPPORTED: "auth/cors-unsupported";
readonly CREDENTIAL_ALREADY_IN_USE: "auth/credential-already-in-use";
readonly CREDENTIAL_MISMATCH: "auth/custom-token-mismatch";
readonly CREDENTIAL_TOO_OLD_LOGIN_AGAIN: "auth/requires-recent-login";
readonly DEPENDENT_SDK_INIT_BEFORE_AUTH: "auth/dependent-sdk-initialized-before-auth";
readonly DYNAMIC_LINK_NOT_ACTIVATED: "auth/dynamic-link-not-activated";
readonly EMAIL_CHANGE_NEEDS_VERIFICATION: "auth/email-change-needs-verification";
readonly EMAIL_EXISTS: "auth/email-already-in-use";
readonly EMULATOR_CONFIG_FAILED: "auth/emulator-config-failed";
readonly EXPIRED_OOB_CODE: "auth/expired-action-code";
readonly EXPIRED_POPUP_REQUEST: "auth/cancelled-popup-request";
readonly INTERNAL_ERROR: "auth/internal-error";
readonly INVALID_API_KEY: "auth/invalid-api-key";
readonly INVALID_APP_CREDENTIAL: "auth/invalid-app-credential";
readonly INVALID_APP_ID: "auth/invalid-app-id";
readonly INVALID_AUTH: "auth/invalid-user-token";
readonly INVALID_AUTH_EVENT: "auth/invalid-auth-event";
readonly INVALID_CERT_HASH: "auth/invalid-cert-hash";
readonly INVALID_CODE: "auth/invalid-verification-code";
readonly INVALID_CONTINUE_URI: "auth/invalid-continue-uri";
readonly INVALID_CORDOVA_CONFIGURATION: "auth/invalid-cordova-configuration";
readonly INVALID_CUSTOM_TOKEN: "auth/invalid-custom-token";
readonly INVALID_DYNAMIC_LINK_DOMAIN: "auth/invalid-dynamic-link-domain";
readonly INVALID_EMAIL: "auth/invalid-email";
readonly INVALID_EMULATOR_SCHEME: "auth/invalid-emulator-scheme";
readonly INVALID_IDP_RESPONSE: "auth/invalid-credential";
readonly INVALID_LOGIN_CREDENTIALS: "auth/invalid-credential";
readonly INVALID_MESSAGE_PAYLOAD: "auth/invalid-message-payload";
readonly INVALID_MFA_SESSION: "auth/invalid-multi-factor-session";
readonly INVALID_OAUTH_CLIENT_ID: "auth/invalid-oauth-client-id";
readonly INVALID_OAUTH_PROVIDER: "auth/invalid-oauth-provider";
readonly INVALID_OOB_CODE: "auth/invalid-action-code";
readonly INVALID_ORIGIN: "auth/unauthorized-domain";
readonly INVALID_PASSWORD: "auth/wrong-password";
readonly INVALID_PERSISTENCE: "auth/invalid-persistence-type";
readonly INVALID_PHONE_NUMBER: "auth/invalid-phone-number";
readonly INVALID_PROVIDER_ID: "auth/invalid-provider-id";
readonly INVALID_RECIPIENT_EMAIL: "auth/invalid-recipient-email";
readonly INVALID_SENDER: "auth/invalid-sender";
readonly INVALID_SESSION_INFO: "auth/invalid-verification-id";
readonly INVALID_TENANT_ID: "auth/invalid-tenant-id";
readonly MFA_INFO_NOT_FOUND: "auth/multi-factor-info-not-found";
readonly MFA_REQUIRED: "auth/multi-factor-auth-required";
readonly MISSING_ANDROID_PACKAGE_NAME: "auth/missing-android-pkg-name";
readonly MISSING_APP_CREDENTIAL: "auth/missing-app-credential";
readonly MISSING_AUTH_DOMAIN: "auth/auth-domain-config-required";
readonly MISSING_CODE: "auth/missing-verification-code";
readonly MISSING_CONTINUE_URI: "auth/missing-continue-uri";
readonly MISSING_IFRAME_START: "auth/missing-iframe-start";
readonly MISSING_IOS_BUNDLE_ID: "auth/missing-ios-bundle-id";
readonly MISSING_OR_INVALID_NONCE: "auth/missing-or-invalid-nonce";
readonly MISSING_MFA_INFO: "auth/missing-multi-factor-info";
readonly MISSING_MFA_SESSION: "auth/missing-multi-factor-session";
readonly MISSING_PHONE_NUMBER: "auth/missing-phone-number";
readonly MISSING_SESSION_INFO: "auth/missing-verification-id";
readonly MODULE_DESTROYED: "auth/app-deleted";
readonly NEED_CONFIRMATION: "auth/account-exists-with-different-credential";
readonly NETWORK_REQUEST_FAILED: "auth/network-request-failed";
readonly NULL_USER: "auth/null-user";
readonly NO_AUTH_EVENT: "auth/no-auth-event";
readonly NO_SUCH_PROVIDER: "auth/no-such-provider";
readonly OPERATION_NOT_ALLOWED: "auth/operation-not-allowed";
readonly OPERATION_NOT_SUPPORTED: "auth/operation-not-supported-in-this-environment";
readonly POPUP_BLOCKED: "auth/popup-blocked";
readonly POPUP_CLOSED_BY_USER: "auth/popup-closed-by-user";
readonly PROVIDER_ALREADY_LINKED: "auth/provider-already-linked";
readonly QUOTA_EXCEEDED: "auth/quota-exceeded";
readonly REDIRECT_CANCELLED_BY_USER: "auth/redirect-cancelled-by-user";
readonly REDIRECT_OPERATION_PENDING: "auth/redirect-operation-pending";
readonly REJECTED_CREDENTIAL: "auth/rejected-credential";
readonly SECOND_FACTOR_ALREADY_ENROLLED: "auth/second-factor-already-in-use";
readonly SECOND_FACTOR_LIMIT_EXCEEDED: "auth/maximum-second-factor-count-exceeded";
readonly TENANT_ID_MISMATCH: "auth/tenant-id-mismatch";
readonly TIMEOUT: "auth/timeout";
readonly TOKEN_EXPIRED: "auth/user-token-expired";
readonly TOO_MANY_ATTEMPTS_TRY_LATER: "auth/too-many-requests";
readonly UNAUTHORIZED_DOMAIN: "auth/unauthorized-continue-uri";
readonly UNSUPPORTED_FIRST_FACTOR: "auth/unsupported-first-factor";
readonly UNSUPPORTED_PERSISTENCE: "auth/unsupported-persistence-type";
readonly UNSUPPORTED_TENANT_OPERATION: "auth/unsupported-tenant-operation";
readonly UNVERIFIED_EMAIL: "auth/unverified-email";
readonly USER_CANCELLED: "auth/user-cancelled";
readonly USER_DELETED: "auth/user-not-found";
readonly USER_DISABLED: "auth/user-disabled";
readonly USER_MISMATCH: "auth/user-mismatch";
readonly USER_SIGNED_OUT: "auth/user-signed-out";
readonly WEAK_PASSWORD: "auth/weak-password";
readonly WEB_STORAGE_UNSUPPORTED: "auth/web-storage-unsupported";
readonly ALREADY_INITIALIZED: "auth/already-initialized";
readonly RECAPTCHA_NOT_ENABLED: "auth/recaptcha-not-enabled";
readonly MISSING_RECAPTCHA_TOKEN: "auth/missing-recaptcha-token";
readonly INVALID_RECAPTCHA_TOKEN: "auth/invalid-recaptcha-token";
readonly INVALID_RECAPTCHA_ACTION: "auth/invalid-recaptcha-action";
readonly MISSING_CLIENT_TYPE: "auth/missing-client-type";
readonly MISSING_RECAPTCHA_VERSION: "auth/missing-recaptcha-version";
readonly INVALID_RECAPTCHA_VERSION: "auth/invalid-recaptcha-version";
readonly INVALID_REQ_TYPE: "auth/invalid-req-type";
}
browserLocalPersistence
An implementation of Persistence of type LOCAL using localStorage for the underlying storage.
Signature:
browserLocalPersistence: Persistence
browserPopupRedirectResolver
An implementation of PopupRedirectResolver suitable for browser based applications.
This method does not work in a Node.js environment.
Signature:
browserPopupRedirectResolver: PopupRedirectResolver
browserSessionPersistence
An implementation of Persistence of SESSION using sessionStorage for the underlying storage.
Signature:
browserSessionPersistence: Persistence
cordovaPopupRedirectResolver
An implementation of PopupRedirectResolver suitable for Cordova based applications.
Signature:
cordovaPopupRedirectResolver: PopupRedirectResolver
debugErrorMap
A verbose error map with detailed descriptions for most error codes.
See discussion at AuthErrorMap
Signature:
debugErrorMap: AuthErrorMap
FactorId
An enum of factors that may be used for multifactor authentication.
Signature:
FactorId: {
readonly PHONE: "phone";
readonly TOTP: "totp";
}
indexedDBLocalPersistence
An implementation of Persistence of type LOCAL using indexedDB for the underlying storage.
Signature:
indexedDBLocalPersistence: Persistence
inMemoryPersistence
An implementation of Persistence of type 'NONE'.
Signature:
inMemoryPersistence: Persistence
OperationType
Enumeration of supported operation types.
Signature:
OperationType: {
readonly LINK: "link";
readonly REAUTHENTICATE: "reauthenticate";
readonly SIGN_IN: "signIn";
}
prodErrorMap
A minimal error map with all verbose error messages stripped.
See discussion at AuthErrorMap
Signature:
prodErrorMap: AuthErrorMap
ProviderId
Enumeration of supported providers.
Signature:
ProviderId: {
readonly FACEBOOK: "facebook.com";
readonly GITHUB: "github.com";
readonly GOOGLE: "google.com";
readonly PASSWORD: "password";
readonly PHONE: "phone";
readonly TWITTER: "twitter.com";
}
SignInMethod
Enumeration of supported sign-in methods.
Signature:
SignInMethod: {
readonly EMAIL_LINK: "emailLink";
readonly EMAIL_PASSWORD: "password";
readonly FACEBOOK: "facebook.com";
readonly GITHUB: "github.com";
readonly GOOGLE: "google.com";
readonly PHONE: "phone";
readonly TWITTER: "twitter.com";
}
CustomParameters
Map of OAuth Custom Parameters.
Signature:
export type CustomParameters = Record<string, string>;
NextOrObserver
Type definition for an event callback.
Signature:
export type NextOrObserver<T> = NextFn<T | null> | Observer<T | null>;
PhoneInfoOptions
The information required to verify the ownership of a phone number.
The information that's required depends on whether you are doing single-factor sign-in, multi-factor enrollment or multi-factor sign-in.
Signature:
export type PhoneInfoOptions = PhoneSingleFactorInfoOptions | PhoneMultiFactorEnrollInfoOptions | PhoneMultiFactorSignInInfoOptions;
UserProfile
User profile used in AdditionalUserInfo.
Signature:
export type UserProfile = Record<string, unknown>;