Questions tagged [google-cloud-identity]

107 questions
16 votes, 2 answers

What is the equivalent component of AWS Cognito in GCP for features like userpools, triggers and appclients?

We are migrating an application from AWS to GCP. In AWS, we use Cognito service for maintaining different types of users inside userpools (for example: SSO users have a different userpool and users with email and password are configured in different…
10 votes, 1 answer

Difference between Google Cloud "Cloud Identity", "Firebase Auth", "Identity Platform"

I am trying to understand the difference between: Cloud Identity, Firebase Auth, Identity Platform. I've read the following…
8 votes, 0 answers

Google Identity Platform available MFA procedures

The Google Identity Platform documentation only mentions MFA via SMS. Are procedures like TOTP really not supported? Is that planned for the near future? For a sophisticated corporate application, it seems necessary to me, both for security reasons…
stoniemahonie
7 votes, 2 answers

Firestore Rules with multi-tenancy?

The Firebase Rules docs suggest building conditions comparing the authenticated user's token (i.e., request.auth) with the target Firestore document(s). Something like: match /posts/{postId} { allow read, write: if (request.auth.uid != null) && …
5 votes, 1 answer

View authenticated users in Firebase Emulator when using multi tenancy

A project that we are building uses the Google cloud identity toolkit multi-tenant feature. We have two tenants that we are actively using. We interact with all of this through Firebase's authentication suite. I've noticed that when using this the…
5 votes, 1 answer

How to mock Identity Platform Authentication to trigger beforeCreateHandler

I have a google cloud function which I run in Google Identity Platform in the beforeCreate trigger which looks like this: import * as gcipCloudFunctions from "gcip-cloud-functions"; const authClient = new gcipCloudFunctions.Auth(); const…
5 votes, 1 answer

I can't deploy Firebase functions because I don't have "Service Account User" Role

I'm trying to deploy Firebase Functions like so: firebase deploy --only functions However, I'm getting the following error: Error: Missing permissions required for functions deploy. You must have permission iam.serviceAccounts.ActAs on service…
5 votes, 0 answers

Firebase with SAML authorization callback URL

Trying to dot some Is and cross some Ts on getting SAML to function correctly with Firebase. I've followed Google's workflow on how to add SAML to a project (https://cloud.google.com/identity-platform/docs/how-to-enable-application-for-saml) but…
4 votes, 2 answers

Firebase email template for Scope to a tenant

I modified the email template for "reset password". If the user is out of tenant scope on Identity Platform - the template works fine. But when the user is in tenant scope - the template is not working. User out of scope: IDP:…
4 votes, 3 answers

Does "Domain Restricted Sharing" in GCP prevent service accounts from getting IAM permissions?

If I turn on the Organization Policy constraint "Domain Restricted Sharing" (doc) and set it to allow only my org domain foo.com, will this prevent the slew of platform service accounts from getting their IAM permissions granted? For instance,…
Thomas Ruble
4 votes, 0 answers

Unable to install Firebase App Tester application on Android device with Device Policy profile

Unable to install Firebase App Tester application on Android device within work profile - error when uploading APK file through app management of Google Cloud Identity service. Secure corporate access on personal devices is used in a company. There…
3 votes, 0 answers

Firebase `createUserWithEmailAndPassword` creates a user with the correct tenant id, but I still see an error `auth/tenant-id-mismatch`

The following is the code sample. The goal is to create a user with email and password, for a specific tenantId: import { Observable } from 'rxjs'; import { initializeApp } from 'firebase/app'; const app =…
3 votes, 1 answer

Service account request to IAP-protected app results in 'Invalid GCIP ID token: JWT signature is invalid'

I am trying to programmatically access an IAP-protected App Engine Standard app via Python from outside of the GCP environment. I have tried various methods, including the method shown in the docs here:…
3 votes, 1 answer

How do I resolve message "There was an error. Please try again" when accepting Google Account Transfer request

We have just set up a Google Cloud Identity domain, and have a number of users who already have consumer Google accounts using their corporate email addresses. I've invited several of them to transfer their account to our domain - most have…
angusham
3 votes, 1 answer

Cloud Identity and Cloud Endpoints, Is there any way to bar certain users within a role/group from making POST/GET Requests to an endpoint

For example, let's say user A needs to have GET permissions but no POST permissions to a certain endpoint. Is there any way to: Make roles where a certain user can't make certain types of requests to an endpoint? Make sure that endpoint follows…
BryceSoker