{title &&

{title}

}

{children}

; }; Firebase authentication is a service for securely signing users into applications. It supports authentication using passwords, phone numbers, popular federated identity providers like Google, Facebook, Twitter, and more. Use the Firebase authentication method to quickly integrate with your existing Firebase user base and manage access to Firebase functions without complex custom authentication setups. The official Firebase auth documentation provides more detail: * [Firebase authentication](https://firebase.google.com/docs/auth) ## Using Firebase authentication Since a user must log in when using Firebase auth, integrations that use this auth method can't be used in Workflows or Scheduled Jobs Use the following instructions to set up Firebase authentication. ### Get Firebase auth config 1. Navigate to your project in the [Firebase console](https://console.firebase.google.com) 2. In the console, go to the **Authentication** section 3. Click on the **Settings** tab followed by **Authorized domains** 4. Click **Add domain** and add either `app.superblocks.com` or `eu.superblocks.com` Add Superblocks to authorized domains

5. From the **Project overview** page, click **Add app** and select **Web** as your app's platform Create a new Firebase web application

6. Name your new web app and click **Register app** 7. Copy the `firebaseConfig` object in the SDK code snippet. Make sure you **don't** copy the semicolon at the end of the line Copy SDK config firebaseConfig

### Configure Integration 1. In the web app, navigate to the [Integrations](https://app.superblocks.com/integrations) page 2. Click into an existing REST integration, or create a new one 3. Select **Firebase** in the **Authentication method** dropdown 4. Paste the `firebaseConfig` object you copied previously into the **API config** field 5. Choose the sign-in methods you want to support 6. Use the [`firebase` object](#the-firebase-object) in **Headers** or **Params** to define how the firebase token will be used when calling your API. For example, to send the access token as an Authorization header, set: firebase.token referenced in Authorization header

firebase.token referenced in Authorization header

Authentication with Firebase will be initiated in the user's browser when an API using this integration executes. ## The **`firebase`** object The results of a Firebase exchange can be referenced in your integration configuration using the `firebase` object. The `firebase` object has the following properties. | Property | Datatype | Description | Full Path | | -------- | -------- | ------------------------------------------- | ---------------- | | `token` | `STRING` | The access token returned by the OAuth flow | `firebase.token` | ## Token caching and refresh This section includes specifics on how Firebase access tokens are handled. For more information on sessions management see our guide on [Credential & Session Management](/integrations/auth/credential-and-session-management) ### Cache location After your Firebase authentication flow returns an access token, it is saved as an HTTP-Only Secure cookie in the user's browser. The token is cached in the browser since it is already exposed to the browser as a part of the authentication flow. The cookie cannot be accessed using JavaScript so is safe from exfiltration. ### Refreshing access tokens Superblocks Firebase authentication does not support token refresh. Once the user's access token has expired, Superblocks will reprompt the user to log in.