skillZs
LIVE SKILL TAGS
>>> LIVE SKILLS INDEX <<<
* OPEN SOURCE *
NO LOGIN, NO TRACKING
REAL INSTALL DATA
← back to all skills
firebase/agent-skills107k installs

firebase-auth-basics

Guide for setting up and using Firebase Authentication. Use this skill when the user's app requires user sign-in, user management, or secure data access using auth rules.

How do I install this agent skill?

npx skills add https://github.com/firebase/agent-skills --skill firebase-auth-basics
view source ↗

Is this agent skill safe to install?

  • Gen Agent Trust Hubpass

    This skill provides documentation and code snippets for implementing Firebase Authentication. It utilizes official tools and libraries from Google/Firebase and does not contain any malicious patterns or security risks.

  • Socketpass

    No alerts

  • Snykpass

    Risk: LOW · No issues

  • Runlayerpass

    3 files scanned · No issues

  • ZeroLeakspass

    Score: 93/100 · 2 sections analyzed

What does this agent skill do?

Prerequisites

  • Firebase Project: Created via npx -y firebase-tools@latest projects:create (see firebase-basics).
  • Firebase CLI: Installed and logged in (see firebase-basics).

Core Concepts

Firebase Authentication provides backend services, easy-to-use SDKs, and ready-made UI libraries to authenticate users to your app.

Users

A user is an entity that can sign in to your app. Each user is identified by a unique ID (uid) which is guaranteed to be unique across all providers. User properties include:

  • uid: Unique identifier.
  • email: User's email address (if available).
  • displayName: User's display name (if available).
  • photoURL: URL to user's photo (if available).
  • emailVerified: Boolean indicating if the email is verified.

Identity Providers

Firebase Auth supports multiple ways to sign in:

  • Email/Password: Basic email and password authentication.
  • Federated Identity Providers: Google, Facebook, Twitter, GitHub, Microsoft, Apple, etc.
  • Phone Number: SMS-based authentication.
  • Anonymous: Temporary guest accounts that can be linked to permanent accounts later.
  • Custom Auth: Integrate with your existing auth system.

Google Sign In is recommended as a good and secure default provider.

Tokens

When a user signs in, they receive an ID Token (JWT). This token is used to identify the user when making requests to Firebase services (Realtime Database, Cloud Storage, Firestore) or your own backend.

  • ID Token: Short-lived (1 hour), verifies identity.
  • Refresh Token: Long-lived, used to get new ID tokens.

Workflow

1. Provisioning

Option 1. Enabling Authentication via CLI

Only Google Sign In, anonymous auth, and email/password auth can be enabled via CLI. For other providers, use the Firebase Console.

Configure Firebase Authentication in firebase.json by adding an 'auth' block:

{
  "auth": {
    "providers": {
      "anonymous": true,
      "emailPassword": true,
      "googleSignIn": {
        "oAuthBrandDisplayName": "Your Brand Name",
        "supportEmail": "support@example.com",
        "authorizedRedirectUris": ["https://example.com", "http://localhost"]
      }
    }
  }
}

[!NOTE] If the Google Sign-In popup opens and immediately closes with the error [firebase_auth/unauthorized-domain], it means the domain is not authorized. For local development, ensure localhost is included in the Authorized Domains list in the Firebase Console or via the authorizedDomains field in firebase.json. CRITICAL: Do NOT include the protocol or port number in the Authorized Domains list (e.g., use localhost, NOT http://localhost:9090).

CRITICAL: After configuring firebase.json, you MUST deploy the auth configuration to the Firebase backend for the changes to take effect. This is essential for auth providers like Google Sign-In, email/password, etc. to auto-generate the necessary OAuth clients for your app platforms. Run:

npx -y firebase-tools@latest deploy --only auth

Option 2. Enabling Authentication in Console

Enable other providers in the Firebase Console.

  1. Go to the https://console.firebase.google.com/project/_/authentication/providers
  2. Select your project.
  3. Enable the desired Sign-in providers (e.g., Email/Password, Google).

2. Client Setup & Usage

Web See references/client_sdk_web.md.

Flutter See references/flutter_setup.md. Android (Kotlin) See references/client_sdk_android.md.

3. Security Rules

Secure your data using request.auth in Firestore/Storage rules.

See references/security_rules.md.

Add the canonical catalog link to the repository README so users can inspect current installs and available audits. The publishing guide covers the complete discovery path.

<a href="https://skillzs.dev/skills/firebase/agent-skills/firebase-auth-basics">View firebase-auth-basics on skillZs</a>