0

I am working on an Android application which uses Firebase database as a backend. Now I am afraid that if anyone can get my Firebase URL, they can manipulate my data. I also studied answers of this question.

One of its answer is saying like this ".write": "auth.uid === 'admin'",

But I want to give database access to all of my users only through my application. So how can I do this? Please advise. There is an option available in the Manage Project section to add Fingerprint but has not helped me.

Community
  • 1
  • 1
Jignesh Ansodariya
  • 12,583
  • 24
  • 81
  • 113
  • As long as the database rules for write and read are "auth != null" only authenticated users from your app can read or write to the database. See here : https://firebase.google.com/docs/database/security/quickstart – RamithDR Sep 13 '16 at 05:38
  • There is no way to protect the database to only allow access by your app. http://stackoverflow.com/questions/18005984/how-to-prevent-other-access-to-my-firebase Instead: Firebase's security model is based on authenticating each user and then ensuring they only have access to data they're authorized for. See http://stackoverflow.com/questions/37949097/swift-firebase-how-to-ensure-no-one-can-access-my-db-except-my-app – Frank van Puffelen Sep 13 '16 at 14:32

0 Answers0