Menu
In Firebase, when we sign up , it gives us an API key for each firebase Url. But where is it used in a consuming application? The fireBase API does not provide any means to supply API Key.
Security : What prevents anyone to go ahead and write any object to the given firebase Url? How is the authorization managed?
455
In the Firebase console, open Settings > Service Accounts. Click Generate New Private Key, then confirm by clicking Generate Key.
Go to the Google Maps Platform > Credentials page. On the Credentials page, click Create credentials > API key. The API key created dialog displays your newly created API key.
An application programming interface (API) key is a code used to identify and authenticate an application or user. API keys are available through platforms, such as a white-labeled internal marketplace. They also act as a unique identifier and provide a secret token for authentication purposes.
You can generate your api key at https://console.developers.google.com/apis/credentials?project=[YOUR-PROJECT]
Replace [YOUR-PROJECT] with your proyect ID.
Find more information at https://support.google.com/cloud/answer/6158862
regards.
94
updated the links to the new Firebase website
Your question is very timely, as Firebase just announced its full security suite a few days ago.
There's a nice intro screencast and docs here: https://firebase.google.com/docs/database/security/
The "API Key" is the old name for a Firebase Secret. This is used to generate Authentication Tokens to prove to Firebase who users are. You can see docs on authentication here: https://firebase.google.com/docs/auth/
37
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
