Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Firebase Authentication with multi-factor authentication

Is there a way to implement multi-factor authentication on Firebase Authentication? From my research it seems impossible since Firebase authentication has public REST api of which, assumingly, someone knowing API_KEY and user's email/pass could directly sign in to that user's account using

https://www.googleapis.com/identitytoolkit/v3/relyingparty/verifyPassword?key=[API_KEY]

Thank you

like image 697
jeojoe Avatar asked Oct 19 '18 05:10

jeojoe


People also ask

Does Firebase support MFA?

Adding MFA to your existing Firebase apps is straightforward. If you're using FirebaseUI for iOS, Android, Web, or Flutter, MFA support is rolling out to each of those libraries in their next releases. If you're using the Firebase Auth SDKs directly, learn how to add MFA to your Apple, Android, and web apps.

Can Firebase be used for authentication?

In the present era, user authentication is one of the most important requirements for Android apps. It is essential to authenticate users, and it is much harder if we have to write all this code on our own. This is done very easily with the help of Firebase.

Can Firebase send OTP?

You can use Firebase Authentication to sign in a user by sending an SMS message to the user's phone. The user signs in using a one-time code contained in the SMS message.


2 Answers

Update: June 2020

From March 12, 2020, It is now possible to set up multi-factor authentication using SMS as 2nd factor with Firebase for Google Cloud Identity Platform projects but this is a paid service. This article shows you how to add SMS multi-factor authentication to your web app.


I am quoting from github firebase repo. here.

Firebase Auth does not support multi-factor authentication. FirebaseUI cannot support this feature until the underlying SDK supports it. For 2-factor auth, 2 credentials need to be passed to get a Firebase ID token. Currently, one is enough to get an ID token. You can submit an official request for multi-factor auth with Firebase support.

However Multi-factor authentication itself works fine with Google account and FirebaseUI if it is enabled from Google settings.

hope it helps.

like image 80
Sankha Karunasekara Avatar answered Oct 23 '22 02:10

Sankha Karunasekara


Firebase Authentication with multi-factor authentication should soon be available according to this Google I/O video

like image 10
Alex Avatar answered Oct 23 '22 03:10

Alex