Delete a specific user from Firebase

Question

Is there a way I can get a specific user account from firebase and then delete it?

For instance:

// I need a means of getting a specific auth user. var user = firebase.auth().getUser(uid); // Note the getUser function is not an actual function. 

After, I want to delete that user and their additional data:

// This works user.delete().then(function() {    // User deleted.    var ref = firebase.database().ref(       "users/".concat(user.uid, "/")    );    ref.remove(); }); 

Firebase Documentation states that users can be deleted if they are currently logged in:

firebase.auth().currentUser.delete() 

My aim is to allow logged in admin user to delete other users from the system.

Answer 1

When using the client-side SDKs for Firebase Authentication, you can only delete the user account that is currently signed in. Anything else would be a huge security risk, as it would allow users of your app to delete each other's account.

The Admin SDKs for Firebase Authentication are designed to be used in a trusted environment, such as your development machine, a server that you control, or Cloud Functions. Because they run in a trusted environment, they can perform certain operations that the client-side SDKs can't perform, such as deleting user accounts by simply knowing their UID.

Also see:

• delete firebase authenticated user from web application

---

Another common approach is to keep a whitelist/blacklist in for example the Firebase Database and authorize user based on that. See How to disable Signup in Firebase 3.x