Swift + Vapor framework for server + Xcode 8.1 I am trying to read Firebase Realtime Database making HTTP requests to my DB, but I get permission denied. These are the steps: 1. create JWT sign it with secret key downloaded from "console.developers.google.com" 2. send POST request to OAuth2 server and get access token 3. send GET request to firebase database with access token received from OAuth2 server. I get "Permission denied", HTTP/1.1 403 Forbidden <pre class="prettyprint"><code>// the header of the JSON Web Token (first part of the JWT) let headerJWT = ["alg":"RS256","typ":"JWT"] // the claim set of the JSON Web Token let jwtClaimSet = ["iss":"firebase-adminsdk-kxx5h@fir-30c9e.iam.gserviceaccount.com", "scope":"https://www.googleapis.com/auth/firebase.database", //is this the correct API to access firebase database? "aud":"https://www.googleapis.com/oauth2/v4/token", "exp": expDate, "iat": iatDate] drop.get("access") { request in var accesstoken = "ya29.ElqhA-....XXXX" let responseFirebase = try drop.client.get("https://fir- 30c9e.firebaseio.com/data/Users.json", headers: ["Authorization":"Bearer \(accesstoken)"], query: [:]) print("FirebaseResponse_is \(responseFirebase)") return "success" } </code></pre> <img src="https://i.stack.imgur.com/kQdsL.png" alt="Firebase Service Account"> <img src="https://i.stack.imgur.com/vSc6o.png" alt="FireBase Database Rulles">

TLDR; Try placing <code>auth=<TOKEN></code> in your query string instead of using the authorization header. <hr> The Firebase documentation is unclear on how this works. According to the documentation, there are three methods that should work. <ol> <li> <code>auth=<TOKEN></code> in query string (link)</li> <li> <code>access_token=<TOKEN></code> in query string (link)</li> <li> <code>Authorization: Bearer <TOKEN></code> in request header (link)</li> </ol> I'm not convinced that all three methods do actually work however. I'm using method 1 in my application, so I know that one works for sure.

The <code>scope</code> key was missing value <code>https://www.googleapis.com/auth/userinfo.email</code> <pre class="prettyprint"><code> let jwtClaimSet = ["iss":"firebase-adminsdk-kxx5h@fir-30c9e.iam.gserviceaccount.com", "scope": "https://www.googleapis.com/auth/firebase.database https://www.googleapis.com/auth/userinfo.email", "aud":"https://www.googleapis.com/oauth2/v4/token", "exp": expDate, "iat": iatDate] </code></pre> I found the answer browsing google groups here

Can't access FireBase Database via HTTP/REST error 403 Forbidden

Swift + Vapor framework for server + Xcode 8.1

I am trying to read Firebase Realtime Database making HTTP requests to my DB, but I get permission denied.

These are the steps:
1. create JWT sign it with secret key downloaded from "console.developers.google.com"
2. send POST request to OAuth2 server and get access token
3. send GET request to firebase database with access token received from OAuth2 server.

I get "Permission denied", HTTP/1.1 403 Forbidden

// the header of the JSON Web Token (first part of the JWT)
let headerJWT = ["alg":"RS256","typ":"JWT"]

// the claim set of the JSON Web Token
let jwtClaimSet =
  ["iss":"[email protected]",
 "scope":"https://www.googleapis.com/auth/firebase.database", //is this the correct API to access firebase database?
 "aud":"https://www.googleapis.com/oauth2/v4/token",
 "exp": expDate,
 "iat": iatDate]


drop.get("access") { request in
var accesstoken = "ya29.ElqhA-....XXXX"

 let responseFirebase = try drop.client.get("https://fir- 30c9e.firebaseio.com/data/Users.json",
  headers: ["Authorization":"Bearer \(accesstoken)"], 
     query: [:])

print("FirebaseResponse_is \(responseFirebase)")
return "success"
}

Firebase Service Account FireBase Database Rulles

Why does it keep saying 403 forbidden?

The 403 Forbidden Error happens when the web page (or another resource) that you're trying to open in your web browser is a resource that you're not allowed to access. It's called a 403 error because that's the HTTP status code that the webserver uses to describe that kind of error.

TLDR; Try placing auth=<TOKEN> in your query string instead of using the authorization header.

The Firebase documentation is unclear on how this works. According to the documentation, there are three methods that should work.

auth=<TOKEN> in query string (link)
access_token=<TOKEN> in query string (link)
Authorization: Bearer <TOKEN> in request header (link)

I'm not convinced that all three methods do actually work however. I'm using method 1 in my application, so I know that one works for sure.

The scope key was missing value https://www.googleapis.com/auth/userinfo.email

 let jwtClaimSet =
   ["iss":"[email protected]",
 "scope": "https://www.googleapis.com/auth/firebase.database  
 https://www.googleapis.com/auth/userinfo.email", 
 "aud":"https://www.googleapis.com/oauth2/v4/token",
 "exp": expDate,
 "iat": iatDate]

I found the answer browsing google groups here

Can't access FireBase Database via HTTP/REST error 403 Forbidden

Tags:

firebase

vapor

firebase-realtime-database

service-accounts

bibscy

People also ask

2 Answers

nloewen

bibscy

Recent Activity

Donate For Us

Can't access FireBase Database via HTTP/REST error 403 Forbidden

Tags:

firebase

vapor

firebase-realtime-database

service-accounts

bibscy

People also ask

2 Answers

nloewen

bibscy

Related questions

Recent Activity

Donate For Us