Identity Toolkit API config returns "CONFIGURATION_NOT_FOUND"

Question

I am trying to enable Firebase Authentication in my project, and to add Phone Auth to it, via API (without using the GUI console).

I am using the Service Usage API in order to enable Identity Toolkit, and then trying to use Identity Toolkit API in order to add the Phone Auth.

I am enabling Identity Toolkit via the Service Usage API like this (POST request):

URL:

https://serviceusage.googleapis.com/v1/projects/MY_GCP_PROJ/services:batchEnable

Body:

{
  "serviceIds": ["identitytoolkit"]
}

And indeed, after running this request I see in GCP console that Identity Toolkit has been enabled.

After that, I try to update the config using Identity Toolkit API, like this (PATCH request):

URL:

https://identitytoolkit.googleapis.com/v2/projects/MY_GCP_PROJ/config?updateMask=signIn

Body:

{
    "signIn": {
        "phoneNumber": {
            "enabled": true,
            "testPhoneNumbers": {
                "+11111111111": "123456",
            }
        },
    }
}

But for some reason, I receive an error saying:

{
    "error": {
        "code": 404,
        "message": "CONFIGURATION_NOT_FOUND",
        "status": "NOT_FOUND"
    }
}

I can't understand why the Identity Toolkit API cannot find the configuration and update it as specified.

Does anyone know how it can be solved?

Thank you

From experience, it's a little gnarly. Have you tried `GET`'ting `/config` to confirm that your mask matches the structure? What identity are you using to auth the requests? — DazWilkin, Aug 13 '22 at 18:52
@DazWilkin Yes, I did try to `GET`, but unfortunately I get the same error. I use the bearer token to auth the request. When I enabled Identity Provider manually via the GCP console, the request suddenly started working. But it's still not a solution for me as I want to automate this process and enable it via the REST API. Any idea why it is happening? — F.SO7, Aug 13 '22 at 19:49
Which identity? Your user account (`you@gmail.com`)? That won't work. You will need to create a Service Account. I [blogged](https://pretired.dazwilkin.com/posts/211026/) about my experience with this (adding authorized domains for Firebase Auth). I'm headed out for the afternoon|evening but will check in on this tomorrow to see how you're doing. — DazWilkin, Aug 13 '22 at 19:51
@DazWilkin Thank you. I've re-tried with a service account token of GCP, but I still get the `CONFIGURATION_NOT_FOUND` error unfortunately. Did you find a way to solve it? — F.SO7, Aug 14 '22 at 18:35
It works for me (updating `authorizedDomains`). Are you able to get `GET /config`? If the auth's working, I suspect your `updateMask` or body are incorrect — DazWilkin, Aug 14 '22 at 18:45
@DazWilkin Unfortunately, I am unable to `GET` the config as well. Same error. It works for me only after I manually enable `Identity Provider` in the project. Does it work for you without enabling it manually? — F.SO7, Aug 14 '22 at 19:16
You **must** enable the service in the project before you'll be able to invoke its methods. `gcloud services enable identitytoolkit.googleapis.com --project=${PROJECT}` — DazWilkin, Aug 14 '22 at 19:26
@DazWilkin I did enable `identitytoolkit.googleapis.com`. But it doesn't work. It only works when I enable `Identity Platform` manually through the console — F.SO7, Aug 14 '22 at 19:30
My experience differs from yours. Google's various (!) identity services are confusing to me. For `authorizedDomains`, I used `identitytoolkit` with the `GET` and `PATCH` on `/config`. If I have time tomorrow, I'll try to reproduce your experience. — DazWilkin, Aug 14 '22 at 22:29
@DazWilkin Thank you. If you try to reproduce it, please try it with a brand new GCP/Firebase project. Maybe that's related. I am creating the project using the `firebase projects:create -o $GCLOUD_ORGANISATION_ID -n "$NAME" $NEW_FIREBASE_PROJECT_ID` command of the Firebase CLI — F.SO7, Aug 15 '22 at 06:41
@DazWilkin I've started a bounty for this question, if you want to contribute :) — F.SO7, Aug 16 '22 at 14:40

score 1 · Accepted Answer · answered Nov 06 '22 at 18:18

I spent days config Firebase Auth without using Web UI :). Even checking the GCP audit log to see what backend call enables Firebase Auth.

However, I could not find the CreateConfig method at https://cloud.google.com/identity-platform/docs/reference/rest.

I tried this method and things work. https://cloud.google.com/identity-platform/docs/reference/rest/v2/projects.identityPlatform/initializeAuth

curl --request POST \
  --url "https://identitytoolkit.googleapis.com/v2/projects/$ENV_GCP_PROJECT_ID/identityPlatform:initializeAuth" \
  --header "Authorization: Bearer $TOKEN" \
  --header 'Content-Type: application/json' \
  --header "X-Goog-User-Project: $ENV_GCP_PROJECT_ID"

But the result is the new Identity Platform will be used instead of the old Identity Toolkit.

Looking at pricing, it seems (a bit) more expensive https://firebase.google.com/pricing. I personally will use the new one (as Google is pushing it :). Hope this answer somehow helps (or anyone can find the REST call to enable auth for the old Identity Toolkit)

score -1 · Answer 2 · answered Aug 22 '22 at 04:32

-1

The same issue happened to me when I was trying to use REST API but then I get to know that the URL I am using was wrong. Try Method: projects.updateConfig

answered Aug 22 '22 at 04:32

Mansi Bharadwaj

1
1

This is exactly the URL I was using, which gave me the error mentioned above. Did you manage to enable the Authentication feature on a new Firebase/GCP project using this endpoint? – F.SO7 Aug 22 '22 at 15:36

Identity Toolkit API config returns "CONFIGURATION_NOT_FOUND"

2 Answers2