Custom Claims: The hidden Firebase feature

preview_player
Показать описание
Custom Claims is a Firebase Authentication feature that enables you to set access-control flags on your user JWTs. This requires a little explanation... but it's a critical part of building a secure Firebase app, so don't miss it!

Custom Claims docs:

Sample Cloud Function to manage Custom Claims:

  1. Chris Esplin
  2. Firebase
  3. JavaScript
  4. Google Cloud Platform
  5. NoSQL
  6. Authentication
Рекомендации по теме
Custom Claims: The 0:03:59

Custom Claims: The hidden Firebase feature

Controlling Data Access 0:13:12

Controlling Data Access Using Firebase Auth Custom Claims (Firecasts)

Firebase Auth Tutorial 0:05:42

Firebase Auth Tutorial #17 - Intro to Custom Claims

Build custom signup 0:05:32

Build custom signup behavior with blocking serverless functions

Build your React 0:27:40

Build your React Blog with Firebase - 10 - Implementing Role checking by Firebase custom claim

WUHF01 - Firebase 0:14:06

WUHF01 - Firebase Auth - custom claims i browseren

Custom Claims nas 0:01:56

Custom Claims nas Cloud Functions

Role based user 0:05:44

Role based user Authentication in Firebase security

NodeJS : Firebase 0:01:37

NodeJS : Firebase custom token authentication (firebase version 3)

Nestjs Line Login 0:25:09

Nestjs Line Login Custom Claims Token with Firebase Auth

Coding Mondays #11 1:01:17

Coding Mondays #11 - Firebase Functions, Auth Claims

Android App Twitter 0:30:18

Android App Twitter Authentication using Firebase and Spring Boot - Part 3 (firebase custom claims)

Firebase Auth Tutorial 0:08:43

Firebase Auth Tutorial #18 - Cloud Function / Adding Claims

💥 Checking if 0:11:31

💥 Checking if a User Is Authenticated Using Firestore Security Rules

Firebase Authentication: From 0:17:10

Firebase Authentication: From fully managed to fully customizable

NodeJS : Firebase 0:01:15

NodeJS : Firebase console shows empty identifier for custom authentication

Firebase authentication with 0:03:49

Firebase authentication with custom token

Android : Why 0:01:06

Android : Why are the custom events of Firebase analytics not shown on dashboard?

Part 14- PHP 0:15:37

Part 14- PHP Firebase Crash Course: Custom user claims (role as admin) in firebase Auth using Php

Intermediate topics in 0:29:37

Intermediate topics in Firebase Security Rules - Firecasts

Create Custom User 0:03:26

Create Custom User Role in WordPress & Firebase

Question: How to 0:14:27

Question: How to securely handle firebase logins?

100 Firebase Tips, 0:24:31

100 Firebase Tips, Tricks, and Screw-ups

Firebase cloud function 0:05:45

Firebase cloud function onCreate solution idempotency

Комментарии
Автор

Watching your video at 2AM from Belgium 4month after publishing it and still having my mind blown. THANKS !

visugrame
Автор

Denormalization is the duplication of same data at different locations in our database where they are needed in order to simplify or reduce querying.

evelynlima
Автор

Your content is amazingly refreshing and beneficial!

moradshebli
Автор

Thank you very much Chris, I always watch you and support you.

mehmetasar
Автор

how to query users by custom claims in cloud functions ??

bdlla
Автор

Hi, I am creating a web app... I have a question, as soon as I create an user using Google/facebook and get the response back.
1. Call from the Client to the Backend to set the claims
2. Refresh the token so I can have a token with claims?


Are this steps correct?

charlestico
Автор

I'm integrating another platform, I think I want to store the userId (number) from the other platform in here to reduce api and database calls.
I have about 300 users right now, it increases by about 100 each year. Hope this fits the bill.

StiekemeHenk
Автор

I know this video is going back a long way, but if your product is an iOS app with no server, then where do you place the server side code?

Jovian_Nights
Автор

So this feature can only be done a server application, like flask right? I'm trying to add custom claims to users, and right now I only have 2 react applications that are hooked up to firestore. Is it possible to build the feature of adding a custom claim without needing to build a flask or other server app?

jonathanma
Автор

Nice vid. I am setting custom claims in my app and there are use cases where the user token on the client needs to be refreshed as soon as their claim is set via a cloud function. This is important if the claims determine what they see in the UI of the app. Since most users aren't signing out and in and in and out all the time you need to call currentUser.getIdToken(true) on the client which refreshes the token.

andrews
Автор

Hey Chris, thanks for your video!
Im a beginner and I have a question perhaps you could help me.
Im using the admin sdk with node.js.
Have you taken a look at the method called verifyIdToken?
It receives a token and it returns an object that allows you to get the email, uid and other attributes of the current user but not the customClaims
Do you know if there is a way to get the customClaims by a token?
Thanks

RoBuceo
Автор

Thanks. really is hidden feature jejeje.
Thanks for shared your code

ferrerasalexander
Автор

Hi Chris, how are you setting node runtime to version 8 on your firebase functions?

josephyoungquist
Автор

Hey Chris, nice finding there! Would you mind sharing the source code used in your example, please? Thanks a lot!

davyengone
Автор

nice video while opening the git repo it giving 404.Can You look at this issue

akshaykumararasavalli