firebase email/password auth with REST API

Question

Is it possible to do email/password auth with the REST API rather the SDKs? (without having to set up my own token server)

I can't find anything in the docs about it.

Nope. There is no public REST endpoint to authenticate users with email+password. Since this has been asked before, I'll find and mark as a duplicate. — Frank van Puffelen, Jan 15 '16 at 17:08
Check out http://stackoverflow.com/questions/37322747/using-mail-and-password-to-authenticate-via-the-rest-api-firebase — Big Pumpkin, Aug 06 '16 at 01:25

score 2 · Accepted Answer · answered Jan 15 '16 at 17:18

2

Nope.

There is no public REST endpoint to authenticate users with email+password (or any other supported provider). When using the REST API, you will have to either mint your own tokens, use your Firebase's secret or get the token from somewhere else (e.g. passed from a client app to your code).

answered Jan 15 '16 at 17:18

Frank van Puffelen

565,676
79
828
807

do you mean hardcode the firebase's secret into the client? what's the downside to that in terms of security? – usrgnxc Jan 20 '16 at 16:16
@frank-van-puffelen Since Database secrets are currently deprecated, I suppose the only options available when using REST API are : mint your own tokens or request them from OAuth2.0 with a service account. – bibscy Nov 26 '16 at 17:45
1

What about [Using mail and password to authenticate via the REST API](http://stackoverflow.com/questions/37322747/using-mail-and-password-to-authenticate-via-the-rest-api-firebase) – Ronnie Royston May 18 '17 at 00:37

score 1 · Answer 2 · answered May 04 '20 at 10:09

1

To Login POST

https://identitytoolkit.googleapis.com/v1/accounts:signInWithPassword?key=<web-key>

Request Body:

{
  "email": "email",
  "password": "password",
  "returnSecureToken": true
}

More on : Firebase Auth Docs

answered May 04 '20 at 10:09

Harit Kumar

217
2
5

1

Any chance you've been able to get this working with the Authentication Emulator? I've tried replacing the domain with localhost:9099 but that doesn't work – David Ritchie Nov 24 '20 at 13:00
@DavidRitchie any luck accomplishing this with the auth emulator? – MikeG Feb 24 '21 at 00:14
@MikeG sorry not had the time to get back on to this yet. I believe the auth emulator has had a lot done to it recently and may be in the stable release soon too. – David Ritchie Feb 24 '21 at 09:13
no worries @DavidRitchie I opened a question yesterday but was able to figure it out shortly after https://stackoverflow.com/questions/66342941/firebase-auth-emulator-email-password-sign-in-rest-endpoint/66343248#66343248 – MikeG Feb 24 '21 at 23:53

score 0 · Answer 3 · answered Apr 25 '16 at 18:55

Yes you can do it! No idea why firebase docs are so retarded for REST. I checked how app generated with this https://github.com/firebase/generator-angularfire . And it uses REST in several cases. Dig deeper. I don't know about all params in this methods, but it works.

To login

GET
<url to your firebase instanse>/auth/password?&email=<email>&password=<password>&v=js-2.2.2&transport=json&suppress_status_codes=true

To sign up

POST
<url to your firebase instanse>/users?&email=<email>&password=<password>&_method=POST&v=js-2.2.2&transport=json&suppress_status_codes=true

firebase email/password auth with REST API

3 Answers3