Firebase - Share authentication across sub domains using firebase admin sdk

Question

I have done some research about sharing the auth object across sub domains of my app. Apparently firebase's web sdk this setup.

My idea is to have a single login website login.myapp.com which can be used by my other apps app1.myapp.com, app2.myapp.com to authenticate with. Just like google.

My first attempt was to stringify() the auth object from localStorage, then send it as a url param to the requesting app so that I could parse() the auth object and store it to that app's localStorage.

But I dont like this setup, not only the tokens will be recorded on browser's history, it also looks weird.

So I was wondering if there is a known setup for this using the admin sdk.

1. Get auth from login.myapp.com
2. Pass the uid to app1.myapp.com
3. app1.myapp.com pass the uid to server via http
4. The server will check if the uid is authenticated.
5. If successful, the server will respond an auth object to app1.myapp.com.

Can the firebase admin produce something like this?

Answer 1

It sounds like custom token minting is what you need. How about you mint a custom token in login.myapp.com using an Admin SDK, and then pass it to your requesting apps? These apps can then login to Firebase by calling signInWithCustomToken().