Enumeration

Persistence

static

string

An enumeration of the possible persistence mechanism types.

Value

LOCAL

Indicates that the state will be persisted even when the browser window is closed or the activity is destroyed in react-native.

NONE

Indicates that the state will only be stored in memory and will be cleared when the window or activity is refreshed.

SESSION

Indicates that the state will only persist in current session/tab, relevant to web only, and will be cleared when the tab is closed.

Properties

Persistence

static

string

An enumeration of the possible persistence mechanism types.

Value

LOCAL

Indicates that the state will be persisted even when the browser window is closed or the activity is destroyed in react-native.

NONE

Indicates that the state will only be stored in memory and will be cleared when the window or activity is refreshed.

SESSION

Indicates that the state will only persist in current session/tab, relevant to web only, and will be cleared when the tab is closed.

app

non-null firebase.app.App

The app associated with the Auth service instance.

Example

var app = auth.app;

currentUser

(firebase.User or null)

The currently signed-in user (or null).

languageCode

(string or null)

The current Auth instance's language code. This is a readable/writable property. When set to null, the default Firebase Console language setting is applied. The language code will propagate to email action templates (password reset, email verification and email change revocation), SMS templates for phone authentication, reCAPTCHA verifier and OAuth popup/redirect operations provided the specified providers support localization with the language code specified.

settings

non-null firebase.auth.AuthSettings

The current Auth instance's settings. This is used to edit/read configuration related options like app verification mode for phone authentication.

Methods

applyActionCode

applyActionCode(code) returns firebase.Promise containing void

Applies a verification code sent to the user by email or other out-of-band mechanism.

Error Codes

auth/expired-action-code
Thrown if the action code has expired.
auth/invalid-action-code
Thrown if the action code is invalid. This can happen if the code is malformed or has already been used.
auth/user-disabled
Thrown if the user corresponding to the given action code has been disabled.
auth/user-not-found
Thrown if there is no user corresponding to the action code. This may have happened if the user was deleted between when the action code was issued and when this method was called.

Parameter

code

string

A verification code sent to the user.

Returns

non-null firebase.Promise containing void 

checkActionCode

checkActionCode(code) returns firebase.Promise containing non-null firebase.auth.ActionCodeInfo

Checks a verification code sent to the user by email or other out-of-band mechanism.

Returns metadata about the code.

Error Codes

auth/expired-action-code
Thrown if the action code has expired.
auth/invalid-action-code
Thrown if the action code is invalid. This can happen if the code is malformed or has already been used.
auth/user-disabled
Thrown if the user corresponding to the given action code has been disabled.
auth/user-not-found
Thrown if there is no user corresponding to the action code. This may have happened if the user was deleted between when the action code was issued and when this method was called.

Parameter

code

string

A verification code sent to the user.

Returns

non-null firebase.Promise containing non-null firebase.auth.ActionCodeInfo 

confirmPasswordReset

confirmPasswordReset(code, newPassword) returns firebase.Promise containing void

Completes the password reset process, given a confirmation code and new password.

Error Codes

auth/expired-action-code
Thrown if the password reset code has expired.
auth/invalid-action-code
Thrown if the password reset code is invalid. This can happen if the code is malformed or has already been used.
auth/user-disabled
Thrown if the user corresponding to the given password reset code has been disabled.
auth/user-not-found
Thrown if there is no user corresponding to the password reset code. This may have happened if the user was deleted between when the code was issued and when this method was called.
auth/weak-password
Thrown if the new password is not strong enough.

Parameter

code

string

The confirmation code send via email to the user.

newPassword

string

The new password.

Returns

non-null firebase.Promise containing void 

createCustomToken

createCustomToken(uid, developerClaims) returns string

Creates a new custom token (JWT) that can be sent back to a client to use with signInWithCustomToken.

Parameter

uid

string

The uid to use as the subject

developerClaims

Optional

Object

Optional additional claims to include in the payload of the custom token (JWT)

Deprecated
Use the createCustomToken() method in the Firebase Admin Node.js SDK.
Returns

string The custom token (JWT) for the provided payload.

createUserAndRetrieveDataWithEmailAndPassword

createUserAndRetrieveDataWithEmailAndPassword(email, password) returns firebase.Promise containing non-null firebase.auth.UserCredential

Creates a new user account associated with the specified email address and password and returns any additional user info data or credentials.

This method is deprecated. Use firebase.auth.Auth#createUserWithEmailAndPassword instead.

On successful creation of the user account, this user will also be signed in to your application.

User account creation can fail if the account already exists or the password is invalid.

Note: The email address acts as a unique identifier for the user and enables an email-based password reset. This function will create a new user account and set the initial user password.

Error Codes

auth/email-already-in-use
Thrown if there already exists an account with the given email address.
auth/invalid-email
Thrown if the email address is not valid.
auth/operation-not-allowed
Thrown if email/password accounts are not enabled. Enable email/password accounts in the Firebase Console, under the Auth tab.
auth/weak-password
Thrown if the password is not strong enough.

Parameter

email

string

The user's email address.

password

string

The user's chosen password.

Returns

non-null firebase.Promise containing non-null firebase.auth.UserCredential 

Example

firebase.auth().createUserAndRetrieveDataWithEmailAndPassword(
  email, password).catch(function(error) {
      // Handle Errors here.
      var errorCode = error.code;
      var errorMessage = error.message;
      if (errorCode == 'auth/weak-password') {
        alert('The password is too weak.');
      } else {
        alert(errorMessage);
      }
      console.log(error);
    });

createUserWithEmailAndPassword

createUserWithEmailAndPassword(email, password) returns firebase.Promise containing non-null firebase.auth.UserCredential

Creates a new user account associated with the specified email address and password.

On successful creation of the user account, this user will also be signed in to your application.

User account creation can fail if the account already exists or the password is invalid.

Note: The email address acts as a unique identifier for the user and enables an email-based password reset. This function will create a new user account and set the initial user password.

Error Codes

auth/email-already-in-use
Thrown if there already exists an account with the given email address.
auth/invalid-email
Thrown if the email address is not valid.
auth/operation-not-allowed
Thrown if email/password accounts are not enabled. Enable email/password accounts in the Firebase Console, under the Auth tab.
auth/weak-password
Thrown if the password is not strong enough.

Parameter

email

string

The user's email address.

password

string

The user's chosen password.

Returns

non-null firebase.Promise containing non-null firebase.auth.UserCredential 

Example

firebase.auth().createUserWithEmailAndPassword(email, password)
    .catch(function(error) {
  // Handle Errors here.
  var errorCode = error.code;
  var errorMessage = error.message;
  if (errorCode == 'auth/weak-password') {
    alert('The password is too weak.');
  } else {
    alert(errorMessage);
  }
  console.log(error);
});

fetchProvidersForEmail

fetchProvidersForEmail(email) returns firebase.Promise containing non-null Array of string

Gets the list of provider IDs that can be used to sign in for the given email address. Useful for an "identifier-first" sign-in flow.

This method is deprecated. Use firebase.auth.Auth#fetchSignInMethodsForEmail instead.

Error Codes

auth/invalid-email
Thrown if the email address is not valid.

Parameter

email

string

An email address.

Returns

non-null firebase.Promise containing non-null Array of string 

fetchSignInMethodsForEmail

fetchSignInMethodsForEmail(email) returns firebase.Promise containing non-null Array of string

Gets the list of possible sign in methods for the given email address. This is useful to differentiate methods of sign-in for the same provider, eg. EmailAuthProvider which has 2 methods of sign-in, email/password and email/link.

Error Codes

auth/invalid-email
Thrown if the email address is not valid.

Parameter

email

string

An email address.

Returns

non-null firebase.Promise containing non-null Array of string 

isSignInWithEmailLink(emailLink) returns boolean

Checks if an incoming link is a sign-in with email link.

Parameter

emailLink

string

Sign-in email link.

Returns

boolean Whether the link is a sign-in with email link.

onAuthStateChanged

onAuthStateChanged(nextOrObserver, error, completed) returns function()

Adds an observer for changes to the user's sign-in state.

Prior to 4.0.0, this triggered the observer when users were signed in, signed out, or when the user's ID token changed in situations such as token expiry or password change. After 4.0.0, the observer is only triggered on sign-in or sign-out.

To keep the old behavior, see firebase.auth.Auth#onIdTokenChanged.

Parameter

nextOrObserver

(non-null Object or function(nullable firebase.User))

An observer object or a function triggered on change.

error

Optional

function(non-null firebase.auth.Error)

Optional A function triggered on auth error.

completed

Optional

function()

Optional A function triggered when the observer is removed.

Returns

non-null function() The unsubscribe function for the observer.

Example

firebase.auth().onAuthStateChanged(function(user) {
  if (user) {
    // User is signed in.
  }
});

onIdTokenChanged

onIdTokenChanged(nextOrObserver, error, completed) returns function()

Adds an observer for changes to the signed-in user's ID token, which includes sign-in, sign-out, and token refresh events. This method has the same behavior as firebase.auth.Auth#onAuthStateChanged had prior to 4.0.0.

Parameter

nextOrObserver

(non-null Object or function(nullable firebase.User))

An observer object or a function triggered on change.

error

Optional

function(non-null firebase.auth.Error)

Optional A function triggered on auth error.

completed

Optional

function()

Optional A function triggered when the observer is removed.

Returns

non-null function() The unsubscribe function for the observer.

Example

firebase.auth().onIdTokenChanged(function(user) {
  if (user) {
    // User is signed in or token was refreshed.
  }
});

sendPasswordResetEmail

sendPasswordResetEmail(email, actionCodeSettings) returns firebase.Promise containing void

Sends a password reset email to the given email address.

To complete the password reset, call firebase.auth.Auth#confirmPasswordReset with the code supplied in the email sent to the user, along with the new password specified by the user.

Error Codes

auth/invalid-email
Thrown if the email address is not valid.
auth/missing-android-pkg-name
An Android package name must be provided if the Android app is required to be installed.
auth/missing-continue-uri
A continue URL must be provided in the request.
auth/missing-ios-bundle-id
An iOS Bundle ID must be provided if an App Store ID is provided.
auth/invalid-continue-uri
The continue URL provided in the request is invalid.
auth/unauthorized-continue-uri
The domain of the continue URL is not whitelisted. Whitelist the domain in the Firebase console.
auth/user-not-found
Thrown if there is no user corresponding to the email address.

Parameter

email

string

The email address with the password to be reset.

actionCodeSettings

Optional

firebase.auth.ActionCodeSettings

The action code settings. If specified, the state/continue URL will be set as the "continueUrl" parameter in the password reset link. The default password reset landing page will use this to display a link to go back to the app if it is installed. If the actionCodeSettings is not specified, no URL is appended to the action URL. The state URL provided must belong to a domain that is whitelisted by the developer in the console. Otherwise an error will be thrown. Mobile app redirects will only be applicable if the developer configures and accepts the Firebase Dynamic Links terms of condition. The Android package name and iOS bundle ID will be respected only if they are configured in the same Firebase Auth project used.

Value may be null.

Returns

non-null firebase.Promise containing void 

Example

var actionCodeSettings = {
  url: 'https://www.example.com/?email=user@example.com',
  iOS: {
    bundleId: 'com.example.ios'
  },
  android: {
    packageName: 'com.example.android',
    installApp: true,
    minimumVersion: '12'
  },
  handleCodeInApp: true
};
firebase.auth().sendPasswordResetEmail(
    'user@example.com', actionCodeSettings)
    .then(function() {
      // Password reset email sent.
    })
    .catch(function(error) {
      // Error occurred. Inspect error.code.
    });

sendSignInLinkToEmail

sendSignInLinkToEmail(email, actionCodeSettings) returns firebase.Promise containing void

Sends a sign-in email link to the user with the specified email.

The sign-in operation has to always be completed in the app unlike other out of band email actions (password reset and email verifications). This is because, at the end of the flow, the user is expected to be signed in and their Auth state persisted within the app.

To complete sign in with the email link, call firebase.auth.Auth#signInWithEmailLink with the email address and the email link supplied in the email sent to the user.

Error Codes

auth/argument-error
Thrown if handleCodeInApp is false.
auth/invalid-email
Thrown if the email address is not valid.
auth/missing-android-pkg-name
An Android package name must be provided if the Android app is required to be installed.
auth/missing-continue-uri
A continue URL must be provided in the request.
auth/missing-ios-bundle-id
An iOS Bundle ID must be provided if an App Store ID is provided.
auth/invalid-continue-uri
The continue URL provided in the request is invalid.
auth/unauthorized-continue-uri
The domain of the continue URL is not whitelisted. Whitelist the domain in the Firebase console.

Parameter

email

string

The email account to sign in with.

actionCodeSettings

firebase.auth.ActionCodeSettings

The action code settings. The action code settings which provides Firebase with instructions on how to construct the email link. This includes the sign in completion URL or the deep link for mobile redirects, the mobile apps to use when the sign-in link is opened on an Android or iOS device. Mobile app redirects will only be applicable if the developer configures and accepts the Firebase Dynamic Links terms of condition. The Android package name and iOS bundle ID will be respected only if they are configured in the same Firebase Auth project used.

Value must not be null.

Returns

non-null firebase.Promise containing void 

Example

var actionCodeSettings = {
  // The URL to redirect to for sign-in completion. This is also the deep
  // link for mobile redirects. The domain (www.example.com) for this URL
  // must be whitelisted in the Firebase Console.
  url: 'https://www.example.com/finishSignUp?cartId=1234',
  iOS: {
    bundleId: 'com.example.ios'
  },
  android: {
    packageName: 'com.example.android',
    installApp: true,
    minimumVersion: '12'
  },
  // This must be true.
  handleCodeInApp: true
};
firebase.auth().sendSignInLinkToEmail('user@example.com', actionCodeSettings)
    .then(function() {
      // The link was successfully sent. Inform the user. Save the email
      // locally so you don't need to ask the user for it again if they open
      // the link on the same device.
    })
    .catch(function(error) {
      // Some error occurred, you can inspect the code: error.code
    });

setPersistence

setPersistence(persistence) returns firebase.Promise containing void

Changes the current type of persistence on the current Auth instance for the currently saved Auth session and applies this type of persistence for future sign-in requests, including sign-in with redirect requests. This will return a promise that will resolve once the state finishes copying from one type of storage to the other. Calling a sign-in method after changing persistence will wait for that persistence change to complete before applying it on the new Auth state.

This makes it easy for a user signing in to specify whether their session should be remembered or not. It also makes it easier to never persist the Auth state for applications that are shared by other users or have sensitive data.

The default for web browser apps and React Native apps is 'local' (provided the browser supports this mechanism) whereas it is 'none' for Node.js backend apps.

Error Codes (thrown synchronously)

auth/invalid-persistence-type
Thrown if the specified persistence type is invalid.
auth/unsupported-persistence-type
Thrown if the current environment does not support the specified persistence type.

Parameter

persistence

firebase.auth.Auth.Persistence

The auth state persistence mechanism.

Value must not be null.

Returns

non-null firebase.Promise containing void 

Example

firebase.auth().setPersistence(firebase.auth.Auth.Persistence.SESSION)
    .then(function() {
  // Existing and future Auth states are now persisted in the current
  // session only. Closing the window would clear any existing state even if
  // a user forgets to sign out.
});

signInAndRetrieveDataWithCredential

signInAndRetrieveDataWithCredential(credential) returns firebase.Promise containing non-null firebase.auth.UserCredential

Asynchronously signs in with the given credentials, and returns any available additional user information, such as user name.

Error Codes

auth/account-exists-with-different-credential
Thrown if there already exists an account with the email address asserted by the credential. Resolve this by calling firebase.auth.Auth#fetchProvidersForEmail and then asking the user to sign in using one of the returned providers. Once the user is signed in, the original credential can be linked to the user with firebase.User#linkWithCredential.
auth/invalid-credential
Thrown if the credential is malformed or has expired.
auth/operation-not-allowed
Thrown if the type of account corresponding to the credential is not enabled. Enable the account type in the Firebase Console, under the Auth tab.
auth/user-disabled
Thrown if the user corresponding to the given credential has been disabled.
auth/user-not-found
Thrown if signing in with a credential from firebase.auth.EmailAuthProvider#credential and there is no user corresponding to the given email.
auth/wrong-password
Thrown if signing in with a credential from firebase.auth.EmailAuthProvider#credential and the password is invalid for the given email, or if the account corresponding to the email does not have a password set.
auth/invalid-verification-code
Thrown if the credential is a firebase.auth.PhoneAuthProvider#credential and the verification code of the credential is not valid.
auth/invalid-verification-id
Thrown if the credential is a firebase.auth.PhoneAuthProvider#credential and the verification ID of the credential is not valid.

Parameter

credential

firebase.auth.AuthCredential

The auth credential.

Value must not be null.

Returns

non-null firebase.Promise containing non-null firebase.auth.UserCredential 

Example

firebase.auth().signInAndRetrieveDataWithCredential(credential)
    .then(function(userCredential) {
      console.log(userCredential.additionalUserInfo.username);
    });

signInAndRetrieveDataWithCustomToken

signInAndRetrieveDataWithCustomToken(token) returns firebase.Promise containing non-null firebase.auth.UserCredential

Signs in a user asynchronously using a custom token and returns any additional user info data or credentials.

This method is deprecated. Use firebase.auth.Auth#signInWithCustomToken instead.

Custom tokens are used to integrate Firebase Auth with existing auth systems, and must be generated by the auth backend.

Fails with an error if the token is invalid, expired, or not accepted by the Firebase Auth service.

Error Codes

auth/custom-token-mismatch
Thrown if the custom token is for a different Firebase App.
auth/invalid-custom-token
Thrown if the custom token format is incorrect.

Parameter

token

string

The custom token to sign in with.

Returns

non-null firebase.Promise containing non-null firebase.auth.UserCredential 

Example

firebase.auth().signInAndRetrieveDataWithCustomToken(token)
    .catch(function(error) {
      // Handle Errors here.
      var errorCode = error.code;
      var errorMessage = error.message;
      if (errorCode === 'auth/invalid-custom-token') {
        alert('The token you provided is not valid.');
      } else {
        console.error(error);
      }
    });

signInAndRetrieveDataWithEmailAndPassword

signInAndRetrieveDataWithEmailAndPassword(email, password) returns firebase.Promise containing non-null firebase.auth.UserCredential

Asynchronously signs in using an email and password and returns any additional user info data or credentials.

This method is deprecated. Use firebase.auth.Auth#signInWithEmailAndPassword instead.

Fails with an error if the email address and password do not match.

Note: The user's password is NOT the password used to access the user's email account. The email address serves as a unique identifier for the user, and the password is used to access the user's account in your Firebase project.

See also: firebase.auth.Auth#createUserAndRetrieveDataWithEmailAndPassword.

Error Codes

auth/invalid-email
Thrown if the email address is not valid.
auth/user-disabled
Thrown if the user corresponding to the given email has been disabled.
auth/user-not-found
Thrown if there is no user corresponding to the given email.
auth/wrong-password
Thrown if the password is invalid for the given email, or the account corresponding to the email does not have a password set.

Parameter

email

string

The users email address.

password

string

The users password.

Returns

non-null firebase.Promise containing non-null firebase.auth.UserCredential 

Example

firebase.auth().signInAndRetrieveDataWithEmailAndPassword(email, password)
    .catch(function(error) {
      // Handle Errors here.
      var errorCode = error.code;
      var errorMessage = error.message;
      if (errorCode === 'auth/wrong-password') {
        alert('Wrong password.');
      } else {
        alert(errorMessage);
      }
      console.log(error);
    });

signInAnonymously

signInAnonymously() returns firebase.Promise containing non-null firebase.auth.UserCredential

Asynchronously signs in as an anonymous user.

If there is already an anonymous user signed in, that user will be returned; otherwise, a new anonymous user identity will be created and returned.

Error Codes

auth/operation-not-allowed
Thrown if anonymous accounts are not enabled. Enable anonymous accounts in the Firebase Console, under the Auth tab.
Returns

non-null firebase.Promise containing non-null firebase.auth.UserCredential 

Example

firebase.auth().signInAnonymously().catch(function(error) {
  // Handle Errors here.
  var errorCode = error.code;
  var errorMessage = error.message;

  if (errorCode === 'auth/operation-not-allowed') {
    alert('You must enable Anonymous auth in the Firebase Console.');
  } else {
    console.error(error);
  }
});

signInAnonymouslyAndRetrieveData

signInAnonymouslyAndRetrieveData() returns firebase.Promise containing non-null firebase.auth.UserCredential

Signs in a user anonymously and returns any additional user info data or credentials.

This method is deprecated. Use firebase.auth.Auth#signInAnonymously instead.

If there is already an anonymous user signed in, that user with additional date will be returned; otherwise, a new anonymous user identity will be created and returned.

Error Codes

auth/operation-not-allowed
Thrown if anonymous accounts are not enabled. Enable anonymous accounts in the Firebase Console, under the Auth tab.
Returns

non-null firebase.Promise containing non-null firebase.auth.UserCredential 

Example

firebase.auth().signInAnonymouslyAndRetrieveData().catch(function(error) {
  // Handle Errors here.
  var errorCode = error.code;
  var errorMessage = error.message;

  if (errorCode === 'auth/operation-not-allowed') {
    alert('You must enable Anonymous auth in the Firebase Console.');
  } else {
    console.error(error);
  }
});

signInWithCredential

signInWithCredential(credential) returns firebase.Promise containing non-null firebase.User

Asynchronously signs in with the given credentials.

This method is deprecated. Use firebase.auth.Auth#signInAndRetrieveDataWithCredential instead.

Error Codes

auth/account-exists-with-different-credential
Thrown if there already exists an account with the email address asserted by the credential. Resolve this by calling firebase.auth.Auth#fetchProvidersForEmail and then asking the user to sign in using one of the returned providers. Once the user is signed in, the original credential can be linked to the user with firebase.User#linkWithCredential.
auth/invalid-credential
Thrown if the credential is malformed or has expired.
auth/operation-not-allowed
Thrown if the type of account corresponding to the credential is not enabled. Enable the account type in the Firebase Console, under the Auth tab.
auth/user-disabled
Thrown if the user corresponding to the given credential has been disabled.
auth/user-not-found
Thrown if signing in with a credential from firebase.auth.EmailAuthProvider#credential and there is no user corresponding to the given email.
auth/wrong-password
Thrown if signing in with a credential from firebase.auth.EmailAuthProvider#credential and the password is invalid for the given email, or if the account corresponding to the email does not have a password set.
auth/invalid-verification-code
Thrown if the credential is a firebase.auth.PhoneAuthProvider#credential and the verification code of the credential is not valid.
auth/invalid-verification-id
Thrown if the credential is a firebase.auth.PhoneAuthProvider#credential and the verification ID of the credential is not valid.

Parameter

credential

firebase.auth.AuthCredential

The auth credential.

Value must not be null.

Returns

non-null firebase.Promise containing non-null firebase.User 

Example

firebase.auth().signInWithCredential(credential).catch(function(error) {
  // Handle Errors here.
  var errorCode = error.code;
  var errorMessage = error.message;
  // The email of the user's account used.
  var email = error.email;
  // The firebase.auth.AuthCredential type that was used.
  var credential = error.credential;
  if (errorCode === 'auth/account-exists-with-different-credential') {
    alert('Email already associated with another account.');
    // Handle account linking here, if using.
  } else {
    console.error(error);
  }
 });

signInWithCustomToken

signInWithCustomToken(token) returns firebase.Promise containing non-null firebase.auth.UserCredential

Asynchronously signs in using a custom token.

Custom tokens are used to integrate Firebase Auth with existing auth systems, and must be generated by the auth backend.

Fails with an error if the token is invalid, expired, or not accepted by the Firebase Auth service.

Error Codes

auth/custom-token-mismatch
Thrown if the custom token is for a different Firebase App.
auth/invalid-custom-token
Thrown if the custom token format is incorrect.

Parameter

token

string

The custom token to sign in with.

Returns

non-null firebase.Promise containing non-null firebase.auth.UserCredential 

Example

firebase.auth().signInWithCustomToken(token).catch(function(error) {
  // Handle Errors here.
  var errorCode = error.code;
  var errorMessage = error.message;
  if (errorCode === 'auth/invalid-custom-token') {
    alert('The token you provided is not valid.');
  } else {
    console.error(error);
  }
});

signInWithEmailAndPassword

signInWithEmailAndPassword(email, password) returns firebase.Promise containing non-null firebase.auth.UserCredential

Asynchronously signs in using an email and password.

Fails with an error if the email address and password do not match.

Note: The user's password is NOT the password used to access the user's email account. The email address serves as a unique identifier for the user, and the password is used to access the user's account in your Firebase project.

See also: firebase.auth.Auth#createUserWithEmailAndPassword.

Error Codes

auth/invalid-email
Thrown if the email address is not valid.
auth/user-disabled
Thrown if the user corresponding to the given email has been disabled.
auth/user-not-found
Thrown if there is no user corresponding to the given email.
auth/wrong-password
Thrown if the password is invalid for the given email, or the account corresponding to the email does not have a password set.

Parameter

email

string

The users email address.

password

string

The users password.

Returns

non-null firebase.Promise containing non-null firebase.auth.UserCredential 

Example

firebase.auth().signInWithEmailAndPassword(email, password)
    .catch(function(error) {
  // Handle Errors here.
  var errorCode = error.code;
  var errorMessage = error.message;
  if (errorCode === 'auth/wrong-password') {
    alert('Wrong password.');
  } else {
    alert(errorMessage);
  }
  console.log(error);
});

signInWithEmailLink(email, emailLink) returns firebase.Promise containing non-null firebase.auth.UserCredential

Asynchronously signs in using an email and sign-in email link. If no link is passed, the link is inferred from the current URL.

Fails with an error if the email address is invalid or OTP in email link expires.

Note: Confirm the link is a sign-in email link before calling this method firebase.auth.Auth#isSignInWithEmailLink.

Error Codes

auth/expired-action-code
Thrown if OTP in email link expires.
auth/invalid-email
Thrown if the email address is not valid.
auth/user-disabled
Thrown if the user corresponding to the given email has been disabled.

Parameter

email

string

The email account to sign in with.

emailLink

Optional

string

The optional link which contains the OTP needed to complete the sign in with email link. If not specified, the current URL is used instead.

Value may be null.

Returns

non-null firebase.Promise containing non-null firebase.auth.UserCredential 

Example

firebase.auth().signInWithEmailLink(email, emailLink)
    .catch(function(error) {
      // Some error occurred, you can inspect the code: error.code
      // Common errors could be invalid email and invalid or expired OTPs.
    });

signInWithPhoneNumber

signInWithPhoneNumber(phoneNumber, applicationVerifier) returns firebase.Promise containing non-null firebase.auth.ConfirmationResult

Asynchronously signs in using a phone number. This method sends a code via SMS to the given phone number, and returns a firebase.auth.ConfirmationResult. After the user provides the code sent to their phone, call firebase.auth.ConfirmationResult#confirm with the code to sign the user in.

For abuse prevention, this method also requires a firebase.auth.ApplicationVerifier. The Firebase Auth SDK includes a reCAPTCHA-based implementation, firebase.auth.RecaptchaVerifier.

Error Codes

auth/captcha-check-failed
Thrown if the reCAPTCHA response token was invalid, expired, or if this method was called from a non-whitelisted domain.
auth/invalid-phone-number
Thrown if the phone number has an invalid format.
auth/missing-phone-number
Thrown if the phone number is missing.
auth/quota-exceeded
Thrown if the SMS quota for the Firebase project has been exceeded.
auth/user-disabled
Thrown if the user corresponding to the given phone number has been disabled.
auth/operation-not-allowed
Thrown if you have not enabled the provider in the Firebase Console. Go to the Firebase Console for your project, in the Auth section and the Sign in Method tab and configure the provider.

Parameter

phoneNumber

string

The user's phone number in E.164 format (e.g. +16505550101).

applicationVerifier

firebase.auth.ApplicationVerifier

Value must not be null.

Returns

non-null firebase.Promise containing non-null firebase.auth.ConfirmationResult 

Example

// 'recaptcha-container' is the ID of an element in the DOM.
var applicationVerifier = new firebase.auth.RecaptchaVerifier(
    'recaptcha-container');
firebase.auth().signInWithPhoneNumber(phoneNumber, applicationVerifier)
    .then(function(confirmationResult) {
      var verificationCode = window.prompt('Please enter the verification ' +
          'code that was sent to your mobile device.');
      return confirmationResult.confirm(verificationCode);
    })
    .catch(function(error) {
      // Handle Errors here.
    });

signOut

signOut() returns firebase.Promise containing void

Signs out the current user.

Returns

non-null firebase.Promise containing void 

updateCurrentUser

updateCurrentUser(user) returns firebase.Promise containing void

Asynchronously sets the provided user as currentUser on the current Auth instance. A new instance copy of the user provided will be made and set as currentUser.

This will trigger firebase.auth.Auth#onAuthStateChanged and firebase.auth.Auth#onIdTokenChanged listeners like other sign in methods.

The operation fails with an error if the user to be updated belongs to a different Firebase project.

Error Codes

auth/invalid-user-token
Thrown if the user to be updated belongs to a diffent Firebase project.
auth/user-token-expired
Thrown if the token of the user to be updated is expired.
auth/null-user
Thrown if the user to be updated is null.

Parameter

user

firebase.User

Value may be null.

Returns

non-null firebase.Promise containing void 

useDeviceLanguage

useDeviceLanguage()

Sets the current language to the default device/browser preference.

verifyIdToken

verifyIdToken(idToken) returns firebase.Promise containing Object

Verifies a ID token (JWT). Returns a Promise with the tokens claims. Rejects the promise if the token could not be verified.

Parameter

idToken

string

The ID token (JWT) to verify

Deprecated
Use the verifyIdToken() method in the Firebase Admin Node.js SDK.
Returns

non-null firebase.Promise containing Object The Promise that will be fulfilled after a successful verification

verifyPasswordResetCode

verifyPasswordResetCode(code) returns firebase.Promise containing string

Checks a password reset code sent to the user by email or other out-of-band mechanism.

Returns the user's email address if valid.

Error Codes

auth/expired-action-code
Thrown if the password reset code has expired.
auth/invalid-action-code
Thrown if the password reset code is invalid. This can happen if the code is malformed or has already been used.
auth/user-disabled
Thrown if the user corresponding to the given password reset code has been disabled.
auth/user-not-found
Thrown if there is no user corresponding to the password reset code. This may have happened if the user was deleted between when the code was issued and when this method was called.

Parameter

code

string

A verification code sent to the user.

Returns

non-null firebase.Promise containing string