Firebase Auth Database permissions by domain

Asked Jun 07 '17 at 16:40

Active Jun 20 '17 at 19:57

Viewed 57 times

I'd like to setup the rules for my Firebase database such that each authenticated user gets read access to a domain-specific node at: /domains/yourdomain.com

How do I change the following rule to allow for that? As the 'matches' and 'endswith' operator expect literal values, and don't expand the $domain variable.

{
  "rules": {
    "domains": {
      "$domain": {
        ".read": "$auth.token.email.matches(/.*@$domain$/)",
        ".read": "$auth.token.email.endswitch($domain)",
      }
    }
  }
}

edited Jun 20 '17 at 19:57

asked Jun 07 '17 at 16:40

skunkwerk

2,920
2
37
55

https://stackoverflow.com/questions/18005984/how-to-prevent-other-access-to-my-firebase please read this answer – Jayakrishnan Jun 07 '17 at 16:52
1

Or maybe you're actually looking for my answer here: https://stackoverflow.com/questions/36943350/how-do-i-lock-down-firebase-database-to-any-user-from-a-specific-email-domain – Frank van Puffelen Jun 07 '17 at 17:27
The first link only mentions authenticated users, but I need domain-specific authentication. The second question is what I need, but the accepted answer forces the creation of a node like "gmailUsers" for each domain. I don't want to have to create a separate rule for each domain. – skunkwerk Jun 20 '17 at 19:53

Firebase Auth Database permissions by domain

0 Answers0